GMER 1.0.15.15163 -
http://www.gmer.net
Rootkit scan 2009-10-23 10:17:18
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\JODIS~1\LOCALS~1\Temp\pxtdypog.sys
---- Kernel code sections - GMER 1.0.15 ----
.text aec.sys BA5B2380 19 Bytes [8B, 54, 24, 04, 83, EC, 20, ...]
.text aec.sys BA5B2394 22 Bytes CALL EE157EC3
.text aec.sys BA5B23AB 18 Bytes [C1, 83, C4, 20, C2, 04, 00, ...] {ROL DWORD [EBX+0x4c220c4], 0x0; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 ; INT 3 }
.text aec.sys BA5B23C0 2 Bytes [53, 55] {PUSH EBX; PUSH EBP}
.text aec.sys BA5B23C3 4 Bytes [6C, 24, 0C, 56] {INSB ; AND AL, 0xc; PUSH ESI}
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] kernel32.dll!ExitProcess 7C81CB12 5 Bytes JMP 00D626D2 C:\WINDOWS\system32\sobikada.dll
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E351FF7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E351F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E351FBC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E351F04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E351F3E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E352032 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E2017EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E3521F4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4368] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00D62DD0 C:\WINDOWS\system32\sobikada.dll
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\drivers\aec.sys[HAL.dll!KeQueryPerformanceCounter] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsPinGetAvailableByteCount] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsPinRegisterIrpCompletionCallback] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsFilterAttemptProcessing] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsFilterAcquireProcessingMutex] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsFilterReleaseProcessingMutex] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsPinGetConnectedPinDeviceObject] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsPinGetConnectedPinFileObject] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsGetObjectFromFileObject] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsPinGetParentFilter] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsGetPinFromIrp] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!_KsEdit] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsStreamPointerClone] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsProcessPinUpdate] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsPinGetConnectedPinInterface] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsStreamPointerGetIrp] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsStreamPointerDelete] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsReleaseControl] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsAcquireControl] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsInitializeDriver] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsFilterGetFirstChildPin] 00000000
IAT \SystemRoot\system32\drivers\aec.sys[ks.sys!KsGetFilterFromIrp] 00000000
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs tmpreflt.sys (Pre-Filter For XP/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
Device \FileSystem\Fastfat \Fat 9EA8AD20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat tmpreflt.sys (Pre-Filter For XP/Trend Micro Inc.)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- Processes - GMER 1.0.15 ----
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe [840] 0x01A70000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe [940] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [956] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDA.EXE [1464] 0x00CB0000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\system32\Rundll32.exe [1652] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [1676] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [1752] 0x01070000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\stsystra.exe [1812] 0x01090000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe [1824] 0x00BC0000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Messenger\msmsgs.exe [2080] 0x009B0000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Creative\VoiceCenter\AndreaVC.exe [2308] 0x00C70000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2556] 0x00B10000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\system32\ctfmon.exe [2576] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [2684] 0x00A50000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2740] 0x00D20000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\ehome\ehtray.exe [2940] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\ZuneLauncher.exe [3068] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\WINDOWS\System32\DLA\DLACTRLW.EXE [3236] 0x00C90000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\DOCUME~1\JODIS~1\LOCALS~1\Temp\clclean.0001 [3248] 0x10000000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [3352] 0x012A0000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [3552] 0x00F30000
Library C:\WINDOWS\system32\hogoreti.dll (*** hidden *** ) @ C:\Program Files\Digital Line Detect\DLG.exe [4056] 0x012A0000
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 10/23/2009 10:31:47 AM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Jodi S\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.06% Memory free
3.84 Gb Paging File | 3.15 Gb Available in Paging File | 82.19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 293.41 Gb Total Space | 261.30 Gb Free Space | 89.06% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JODI
Current User Name: Jodi S
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Jodi S\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Jodi S\Local Settings\temp\clclean.0001 (Macrovision Europe Ltd.)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Cisco Systems\SSL VPN Client\agent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
PRC - C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files\Creative\VoiceCenter\AndreaVC.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Kontiki\KService.exe ()
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe (Trend Micro Inc.)
PRC - C:\Program Files\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\WINDOWS\System32\CTsvcCDA.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\WINDOWS\System32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDA.EXE (SEIKO EPSON CORPORATION)
PRC - C:\WINDOWS\System32\ZuneBusEnum.exe (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative Labs Licensing Service [Auto | Running]) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\System32\CTsvcCDA.exe (Creative Technology Ltd)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (KService [Auto | Running]) -- C:\Program Files\Kontiki\KService.exe ()
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MSSQLSERVER [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PcCtlCom [Auto | Stopped]) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe (Trend Micro Inc.)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\System32\HPZipm12.exe (HP)
SRV - (SQLSERVERAGENT [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (STCAgent [Auto | Running]) -- C:\Program Files\Cisco Systems\SSL VPN Client\agent.exe (Cisco Systems, Inc.)
SRV - (Tmntsrv [Auto | Running]) -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe (Trend Micro Inc.)
SRV - (TmPfw [Auto | Running]) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe (Trend Micro Inc.)
SRV - (tmproxy [Auto | Stopped]) -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe (Trend Micro Inc.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ZuneBusEnum [Auto | Running]) -- C:\WINDOWS\System32\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc [On_Demand | Stopped]) -- c:\Program Files\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc [On_Demand | Stopped]) -- C:\WINDOWS\System32\ZuneWlanCfgSvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ASCTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (CSVirtA [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\CSVirtA.sys (Cisco Systems, Inc.)
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys (Creative Technology Ltd)
DRV - (CTUSFSYN [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ctusfsyn.sys (Creative Technology Ltd.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (DSproct [On_Demand | Running]) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (monfilt [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\monfilt.sys (Creative Technology Ltd.)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NAL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\iqvw32.sys (Intel Corporation )
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ctoss2k.sys (Creative Technology Ltd.)
DRV - (PfModNT [Auto | Running]) -- C:\WINDOWS\System32\drivers\PfModNT.sys (Creative Technology Ltd.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (tmcfw [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\TM_CFW.sys (Trend Micro Inc.)
DRV - (tmpreflt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\tmpreflt.sys (Trend Micro Inc.)
DRV - (tmtdi [System | Running]) -- C:\WINDOWS\System32\DRIVERS\tmtdi.sys (Trend Micro Inc.)
DRV - (tmxpflt [Auto | Running]) -- C:\WINDOWS\System32\drivers\TmXPFlt.sys (Trend Micro Inc.)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (vsapint [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\vsapint.sys (Trend Micro Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WinUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\WinUSB.sys (Microsoft Corporation)
DRV - (zumbus [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\zumbus.sys (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Jodi S\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\System32\guziyazi.dll ()
MOD - C:\WINDOWS\System32\mslbui.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\naduyoti.dll ()
MOD - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\sobikada.dll ()
MOD - C:\WINDOWS\System32\umdmxfrm.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070115
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070115
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.aol.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/27 06:37:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:33 | 00,000,000 | ---D | M]
O1 HOSTS File: (698 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellHelp] C:\Dell\DellHelp\DellHelp.exe (Dell Inc)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [kelemihuj] C:\WINDOWS\System32\sobikada.DLL ()
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VoiceCenter] C:\Program Files\Creative\VoiceCenter\AndreaVC.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [EPSON NX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [OE_OEM] C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDef.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk = C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Jodi S\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3}
http://zone.msn.com/...UI.cab55579.cab (StagingUI Object)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715}
http://www.creative....030/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}
http://www.kaspersky...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8}
http://zone.msn.com/...dy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF}
http://download.micr...20/pmupd806.exe (MSN Money Charting)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3}
http://zone.msn.com/...at.cab55579.cab (ZonePAChat Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1170483886953 (MUWebControl Class)
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850}
http://crwts01.corp....tsweb/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA}
http://zone.msn.com/...O1.cab60096.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8B6193F1-837F-11D4-89E6-0050DA666184}
http://download.soli...d/solitaire.cab (Sol2axctl Class)
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0}
http://aolsvc.aol.co...mesLauncher.cab (SpinTop Games Launcher)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3}
http://66.255.127.85...sCamControl.ocx (CamImage Class)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A}
http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722}
http://www.gamehouse.../DVCControl.cab (DVC Download Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
http://aolsvc.aol.co...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43}
http://entriq.vo.lln...0_15_Silent.cab (MediaControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937}
http://zone.msn.com/...xy.cab55579.cab (MSN Games – Game Communicator)
O16 - DPF: {DE0FB644-C59B-46D1-B650-88BA945BC98F}
http://entriq.vo.lln...sal_1_0_0_9.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://www.creative....15030/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (naduyoti.dll) - C:\WINDOWS\System32\naduyoti.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\sobikada.dll) - C:\WINDOWS\System32\sobikada.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (logon.exe) - C:\WINDOWS\System32\logon.exe ()
O21 - SSODL: seguribih - {f6679161-1e2c-4a48-a675-68a180df6bda} - C:\WINDOWS\System32\sobikada.dll ()
O22 - SharedTaskScheduler: {f6679161-1e2c-4a48-a675-68a180df6bda} - mujuzedij - C:\WINDOWS\System32\sobikada.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4a79c87e-160b-11dc-9121-0019d12f4139}\Shell\AutoRun\command - "" = E:\JDSecure\Windows\JDSecure31.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/10/23 10:30:45 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jodi S\Desktop\OTL.exe
[2008/12/12 13:46:00 | 02,698,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXcontrols.dll
[2008/12/12 13:45:48 | 01,682,232 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIX.dll
[2008/12/12 13:45:48 | 00,985,912 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShell.dll
[2008/12/12 13:45:48 | 00,636,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDBApi.dll
[2008/12/12 13:45:46 | 00,686,904 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIX.renderapi.dll
[2008/12/12 13:41:18 | 12,621,952 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShellResources.dll
[2008/12/12 13:41:18 | 05,648,512 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNativeLib.dll
[2008/12/12 13:41:18 | 05,117,568 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNss.exe
[2008/12/12 13:41:18 | 01,694,848 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEncEng.dll
[2008/12/12 13:41:16 | 01,331,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXrender.dll
[2008/12/12 13:41:16 | 01,077,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMarketplaceResources.dll
[2008/12/12 13:41:16 | 01,057,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneH264Dec.dll
[2008/12/12 13:41:16 | 00,914,048 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneCore.dll
[2008/12/12 13:41:16 | 00,843,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneMde.dll
[2008/12/12 13:41:14 | 00,830,080 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSetup.exe
[2008/12/12 13:41:14 | 00,682,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneQP.dll
[2008/12/12 13:41:14 | 00,411,264 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSP.dll
[2008/12/12 13:41:12 | 00,592,000 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneService.dll
[2008/12/12 13:41:12 | 00,380,032 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSE.dll
[2008/12/12 13:41:10 | 00,349,824 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneResources.dll
[2008/12/12 13:41:08 | 00,313,472 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZUNEMP4SDECD.dll
[2008/12/12 13:41:08 | 00,306,304 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSrcWrp.dll
[2008/12/12 13:41:08 | 00,299,648 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneSH.dll
[2008/12/12 13:41:08 | 00,298,112 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEvr.dll
[2008/12/12 13:41:08 | 00,265,344 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneNssci.dll
[2008/12/12 13:41:08 | 00,174,720 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDB.dll
[2008/12/12 13:41:06 | 00,169,088 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Zune.exe
[2008/12/12 13:41:06 | 00,157,312 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneLauncher.exe
[2008/12/12 13:41:04 | 00,118,400 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZunePresenter.dll
[2008/12/12 13:41:04 | 00,117,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneAACDec.dll
[2008/12/12 13:41:04 | 00,113,792 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEffects.dll
[2008/12/12 13:40:58 | 00,059,008 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneDXVA2.dll
[2008/12/12 13:40:58 | 00,050,304 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneCfg.dll
[2008/12/12 13:40:58 | 00,044,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneConfig.exe
[2008/12/12 13:40:58 | 00,043,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShellExt.dll
[2008/12/12 13:40:58 | 00,039,552 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneEnc.exe
[2008/12/12 13:40:56 | 00,032,384 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UIXsup.dll
[2008/12/12 13:40:56 | 00,021,120 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZunePS.dll
[2008/12/12 13:40:54 | 00,019,072 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ZuneShare.exe
[2008/11/10 13:15:00 | 00,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Program Files\l3codecp.acm
[2008/09/12 15:38:42 | 00,382,240 | ---- | C] (MusicNet, Inc.) -- C:\Program Files\WMHelper.dll
[2007/08/27 16:56:58 | 01,089,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msidcrl40.dll
========== Files - Modified Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/10/23 10:32:25 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\zuyanabe
[2009/10/23 10:30:48 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jodi S\Desktop\OTL.exe
[2009/10/23 09:10:54 | 00,001,856 | -H-- | M] () -- C:\Documents and Settings\Jodi S\My Documents\Default.rdp
[2009/10/23 08:06:53 | 00,291,328 | ---- | M] () -- C:\Documents and Settings\Jodi S\Desktop\gmer.exe
[2009/10/23 05:28:05 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/10/21 17:33:57 | 00,026,628 | ---- | M] () -- C:\WINDOWS\System32\logon.exe
[2009/10/19 12:18:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/17 08:36:03 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/17 03:15:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/17 03:15:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/17 03:15:29 | 21,369,07776 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/17 03:09:17 | 00,533,226 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/17 03:09:17 | 00,463,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/17 03:09:17 | 00,079,920 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/17 03:04:33 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/15 22:34:25 | 00,022,458 | ---- | M] () -- C:\Documents and Settings\Jodi S\My Documents\Cable Payment.TIF
[2009/10/10 14:30:07 | 00,000,000 | ---- | M] () -- C:\Program Files\temp01
[2009/09/27 15:50:23 | 00,000,374 | ---- | M] () -- C:\WINDOWS\BTW.INI
[2009/09/27 15:50:18 | 00,000,829 | ---- | M] () -- C:\WINDOWS\win.ini
========== Files - No Company Name ==========
[2009/10/21 17:33:58 | 00,026,628 | ---- | C] () -- C:\WINDOWS\System32\logon.exe
[2009/10/16 13:22:44 | 00,291,328 | ---- | C] () -- C:\Documents and Settings\Jodi S\Desktop\gmer.exe
[2009/10/10 14:30:07 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01
[2009/08/08 15:29:53 | 00,000,044 | ---- | C] () -- C:\WINDOWS\EPNX100.ini
[2009/07/23 05:39:06 | 00,089,088 | -HS- | C] () -- C:\WINDOWS\System32\sobikada.dll
[2009/07/23 05:39:06 | 00,037,888 | -HS- | C] () -- C:\WINDOWS\System32\lojuzuvi.dll
[2009/07/22 17:38:57 | 00,089,088 | -HS- | C] () -- C:\WINDOWS\System32\bedukivu.dll
[2009/07/22 17:38:57 | 00,038,912 | -HS- | C] () -- C:\WINDOWS\System32\haguzipu.dll
[2009/07/22 05:39:27 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\rewapabi.dll
[2009/07/22 05:39:27 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\naduyoti.dll
[2009/07/22 05:39:27 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\guziyazi.dll
[2009/07/22 05:38:57 | 00,086,016 | -HS- | C] () -- C:\WINDOWS\System32\suwineji.dll
[2009/07/22 05:38:56 | 00,172,544 | -HS- | C] () -- C:\WINDOWS\System32\gigelunu.dll
[2009/07/22 05:38:56 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\mirukilo.dll
[2009/07/21 17:38:47 | 00,169,984 | -HS- | C] () -- C:\WINDOWS\System32\kahoyubu.dll
[2009/07/21 17:38:47 | 00,086,016 | -HS- | C] () -- C:\WINDOWS\System32\rinuviva.dll
[2009/02/12 21:53:38 | 00,000,175 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\OutlookFail.20090212.log
[2009/01/20 20:39:25 | 00,001,039 | ---- | C] () -- C:\WINDOWS\VIEWER.INI
[2009/01/20 20:39:19 | 00,000,374 | ---- | C] () -- C:\WINDOWS\BTW.INI
[2008/12/25 10:14:22 | 00,000,000 | ---- | C] () -- C:\Program Files\WMHelper.log
[2008/09/12 15:42:22 | 00,000,802 | ---- | C] () -- C:\Program Files\Zune.exe.config
[2008/09/12 15:41:38 | 00,155,552 | ---- | C] () -- C:\Program Files\softwaremap_frc.png
[2008/09/12 15:41:38 | 00,001,922 | ---- | C] () -- C:\Program Files\TopBar.gif
[2008/09/12 15:41:38 | 00,001,885 | ---- | C] () -- C:\Program Files\ZuneLogo.gif
[2008/09/12 15:41:36 | 00,156,314 | ---- | C] () -- C:\Program Files\softwaremap_esm.png
[2008/09/12 15:41:36 | 00,152,910 | ---- | C] () -- C:\Program Files\softwaremap.png
[2008/09/12 15:41:36 | 00,000,302 | ---- | C] () -- C:\Program Files\Background.jpg
[2008/09/12 15:41:36 | 00,000,054 | ---- | C] () -- C:\Program Files\Arrow.gif
[2008/05/01 20:26:50 | 00,000,119 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/27 15:52:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\system.ini
[2008/03/06 21:14:56 | 00,000,383 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/03/06 21:14:39 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2007/12/30 12:48:29 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/04/25 15:17:42 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/04/16 22:21:28 | 00,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/15 07:24:02 | 00,006,656 | ---- | C] () -- C:\Documents and Settings\Jodi S\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/12 22:55:22 | 00,000,044 | ---- | C] () -- C:\WINDOWS\VistaEmail.ini
[2007/01/29 00:30:17 | 00,000,187 | ---- | C] () -- C:\Documents and Settings\Jodi S\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2007/01/21 23:26:10 | 00,003,072 | ---- | C] () -- C:\Documents and Settings\Jodi S\Application Data\dvd.bmk
[2007/01/19 01:24:57 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/18 20:50:55 | 03,364,426 | -H-- | C] () -- C:\Documents and Settings\Jodi S\Local Settings\Application Data\IconCache.db
[2007/01/18 20:50:55 | 00,019,888 | ---- | C] () -- C:\Documents and Settings\Jodi S\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/01/18 20:50:55 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Jodi S\Local Settings\Application Data\fusioncache.dat
[2007/01/18 20:50:55 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Jodi S\Application Data\desktop.ini
[2007/01/15 22:23:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/01/15 22:16:37 | 00,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/01/15 22:09:09 | 00,022,629 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2007/01/15 22:08:26 | 00,010,820 | ---- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2007/01/15 22:08:12 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\mes2046.dll
[2007/01/15 21:46:34 | 01,355,042 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2007/01/15 21:46:12 | 00,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/01/15 21:46:12 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2007/01/15 21:44:54 | 00,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 02:38:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 05:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:24 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/16 05:18:43 | 00,000,829 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/05 15:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2009/08/08 15:33:40 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/16 20:36:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/01/15 22:10:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2008/01/29 11:22:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2007/09/26 18:10:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Entriq
[2009/08/08 15:32:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/12/26 18:36:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2007/10/11 03:10:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2008/04/02 19:15:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2009/03/27 12:05:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\N1
[2007/03/08 00:26:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/07/22 21:04:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/07/19 13:21:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2007/11/19 13:36:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/07/26 13:58:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SonyPicturesGames
[2007/04/01 21:56:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2009/10/10 14:30:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/04/05 22:16:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/08/08 15:33:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/03/26 07:21:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/03/10 17:00:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2007/01/15 22:17:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2008/07/21 06:42:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2009/03/26 07:21:18 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jodi S\Application Data
[2007/01/19 01:29:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\acccore
[2007/01/19 01:23:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Aim
[2008/03/31 07:22:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\iWin
[2008/03/30 21:36:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\iWinArcade
[2007/01/21 15:56:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Leadertech
[2008/04/02 19:15:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Ludia
[2008/07/09 05:55:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Move Networks
[2007/10/16 04:53:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\MP3Rocket
[2007/04/25 15:19:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Panasonic
[2007/03/29 22:59:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Roxio
[2008/10/12 18:50:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jodi S\Application Data\Solitaire.Com
[2009/10/19 12:18:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/10 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/23 05:28:05 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/10/17 03:15:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FE747C7
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7FB468B7
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E0E19514
< End of report >
OTL Extras logfile created on: 10/23/2009 10:31:47 AM - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Documents and Settings\Jodi S\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.06% Memory free
3.84 Gb Paging File | 3.15 Gb Available in Paging File | 82.19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 293.41 Gb Total Space | 261.30 Gb Free Space | 89.06% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JODI
Current User Name: Jodi S
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Canasis\canasis.exe" = C:\Program Files\Canasis\canasis.exe:*:Enabled:Canasis -- (Metamorphosis Productions International)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" = C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe:*:Enabled:CTSyncU -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0A0873E1-D9BA-4994-B85D-A0A331EF1F0C}" = Intel® PRO Network Connections
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{27555031-A116-4EC6-9991-7B400142A936}" = HP PSC & OfficeJet 6.1.A
"{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{46C73DE4-E96D-4F7C-8371-F28052183B12}" = Advanced Decoder Patch
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{51E2559D-F321-4B7A-81BE-0E7C168A4680}_is1" = Double Solitaire 2.00
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus
"{7C49EA42-5647-4051-84C2-E6404F25A931}" = Yahoo! Music Jukebox
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2AE3F6-79DF-423C-91CB-389F6FB5837B}" = Andrea VoiceCenter
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2)
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{DA932D71-E52A-43D5-009E-395A1AEC1474}" = The Sims™ Life Stories
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}" = Trend Micro PC-cillin Internet Security 14
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_6" = AIM 6
"AOL Instant Messenger" = AOL Instant Messenger
"BFGC" = Big Fish Games Client
"BFG-Family Feud" = Family Feud
"Canasis Games_is1" = Canasis Games (Aug 27 2006)
"Cisco Systems SSL VPN Client" = Cisco SSL VPN Client
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Creative Audio Pack" = Creative Audio Pack
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"Dell Game Console" = Dell Game Console
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"Entriq MediaSphere_is1" = Entriq MediaSphere 3.6.0.15
"EPSON NX100 Series" = EPSON NX100 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"Google Updater" = Google Updater
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Hijackthis_is1" = Hijackthis 1.99.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Mah Jong Quest" = Mah Jong Quest (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006a" = MSN Money Investment Toolbox
"Monopoly Here & Now Edition" = Monopoly Here & Now Edition
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealPlayer Basic
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"SearchAssist" = SearchAssist
"Shockwave" = Shockwave
"Sound Blaster Audigy ADVANCED MB Product Registration" = Sound Blaster Audigy ADVANCED MB Product Registration
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SysInfo" = Creative System Information
"TmPcc" = Trend Micro PC-cillin Internet Security 14
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"ZENcast Organizer" = ZENcast Organizer
"Zune" = Zune
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/28/2009 6:28:35 AM | Computer Name = JODI | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16876, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/28/2009 6:28:51 AM | Computer Name = JODI | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16876, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/28/2009 6:29:45 AM | Computer Name = JODI | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16876, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/5/2009 10:20:29 AM | Computer Name = JODI | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
Error - 9/10/2009 6:00:09 AM | Computer Name = JODI | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
Error - 9/30/2009 10:16:40 PM | Computer Name = JODI | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
Error - 9/30/2009 10:19:42 PM | Computer Name = JODI | Source = Application Hang | ID = 1002
Description = Hanging application mstsc.exe, version 6.0.6001.18000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/30/2009 10:19:43 PM | Computer Name = JODI | Source = Application Hang | ID = 1002
Description = Hanging application mstsc.exe, version 6.0.6001.18000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/30/2009 10:19:43 PM | Computer Name = JODI | Source = Application Hang | ID = 1002
Description = Hanging application mstsc.exe, version 6.0.6001.18000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/17/2009 8:36:02 AM | Computer Name = JODI | Source = STCAgent | ID = 50331650
Description = Termination reason code 10 [FAST_USER_SWITCH]
[ System Events ]
Error - 10/4/2009 8:36:26 PM | Computer Name = JODI | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 10/4/2009 8:36:26 PM | Computer Name = JODI | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .
Error - 10/4/2009 8:36:26 PM | Computer Name = JODI | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Epson Software\Easy
Photo Print\Microsoft.VC80.MFC\MFC80.DLL. Reference error message: The operation
completed successfully. .
Error - 10/4/2009 8:36:26 PM | Computer Name = JODI | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 10/4/2009 8:36:26 PM | Computer Name = JODI | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .
Error - 10/4/2009 8:36:26 PM | Computer Name = JODI | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\Epson Software\Easy
Photo Print\Microsoft.VC80.MFC\MFC80.DLL. Reference error message: The operation
completed successfully. .
Error - 10/21/2009 8:27:53 PM | Computer Name = JODI | Source = Service Control Manager | ID = 7034
Description = The Trend Micro Proxy Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 10/21/2009 8:28:03 PM | Computer Name = JODI | Source = Service Control Manager | ID = 7034
Description = The Trend Micro Central Control Component service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/23/2009 10:23:47 AM | Computer Name = JODI | Source = Dhcp | ID = 1002
Description = The IP address lease 173.168.73.162 for the Network Card with network
address 0019D12F4139 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 10/23/2009 10:24:19 AM | Computer Name = JODI | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.100.10
on the Network Card with network address 0019D12F4139.
< End of report >
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
