bobonridge

Members
  • Content Count

    3
  • Joined

  • Last visited

Community Reputation

0 Neutral

About bobonridge

  • Rank
    Newbie
  1. Copied from the log file: Logfile created: 11/29/2011 05:44:20 Ad-Aware version: 9.6.0 Extended engine: 3 Extended engine version: 3.1.2770 User performing scan: Robert *********************** Definitions database information *********************** Lavasoft definition file: 150.631 Genotype definition file version: 2011/10/12 12:14:17 Extended engine definition file: 11173.0 ******************************** Scan results: ********************************* Scan profile name: Full Scan (ID: full) Objects scanned: 217410 Objects detected: 1 Type Detected ========================== Processes.......: 0 Registry entries: 0 Hostfile entries: 0 Files...........: 1 Folders.........: 0 LSPs............: 0 Cookies.........: 0 Browser hijacks.: 0 MRU objects.....: 0 [b]Skipped items:[/b] [b]Description: c:\documents and settings\robert\my documents\downloads\ilividsetupv1.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 4013134a2420f46ffc63bfbe31bea0ac[/b]
  2. Additional info/question: I saw a suggestion to run Ad-Aware in Safe Mode: but when I try that I get the message "Unable to connect to service" and the program never starts. I unchecked the options for automatically checking for updates, etc and the same thing happens. --
  3. Per posting instructions, I'm pasting in the two files OTL.txt and Extras.txt. Ad-Aware keeps finding win32.pup.bandoo(800) even after re-booting, re-Updating. Not found by Malwarebytes or Spybot. No apparent suspicious behavior. OTL: OTL logfile created on: 11/30/2011 5:07:26 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Robert\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.50 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 65.33% Memory free 3.09 Gb Paging File | 2.15 Gb Available in Paging File | 69.36% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111.72 Gb Total Space | 40.92 Gb Free Space | 36.63% Space Free | Partition Type: NTFS Computer Name: JEEVES | User Name: Robert | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\Robert\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.) PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.) PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies) PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) PRC - C:\Program Files\Fuji Medical System\Synapse\Workstation\SynapseUpdateManager.exe (FUJIFILM Medical Systems U.S.A., Inc.) PRC - C:\Documents and Settings\Robert\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files\CheckPoint\ZoneAlarm\MailFrontier\mantispm.exe (SonicWALL, Inc.) PRC - C:\Program Files\Quicken\bagent.exe (Intuit Inc.) PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com)) PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) PRC - C:\Program Files\Essentials Codec Pack\WECPUpdate.exe (MediaCodec.Org) PRC - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiSynapseBridge.exe (FUJIFILM Medical Systems U.S.A., Inc.) PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) PRC - C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.) PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) PRC - C:\Program Files\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe () PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe () PRC - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( ) PRC - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.) PRC - C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) PRC - C:\Program Files\Creative\MediaSource5\MtdAcqu.exe (Creative Technology Ltd) PRC - C:\WINDOWS\SYSTEM32\ImagecastInterface.exe (IDX Systems Corporation) PRC - C:\WINDOWS\SYSTEM32\dlbtcoms.exe (Dell) PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll () MOD - C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll () MOD - C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll () MOD - C:\Program Files\Lavasoft\Ad-Aware\unrar.dll () MOD - C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll () MOD - C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll () MOD - C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw () MOD - C:\Program Files\CheckPoint\ZoneAlarm\MailFrontier\crsrpt.dll () MOD - C:\Program Files\CheckPoint\ZoneAlarm\MailFrontier\MlfHook.dll () MOD - C:\Program Files\CheckPoint\ZoneAlarm\MailFrontier\mtdsdk.dll () MOD - C:\Program Files\CheckPoint\ZoneAlarm\MailFrontier\resources\mbzaenu.dll () MOD - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe () MOD - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe () MOD - C:\Program Files\Dell Photo AIO Printer 922\dlbtmcro.dll () MOD - C:\Program Files\Dell Photo AIO Printer 922\JetPrint.dll () MOD - C:\Program Files\Dell Photo AIO Printer 922\JetScan.dll () MOD - C:\Program Files\Dell Photo AIO Printer 922\JetImage.dll () MOD - C:\Program Files\Dell Photo AIO Printer 922\JetPDF.dll () MOD - C:\Program Files\Dell Photo AIO Printer 922\JetFunc.dll () MOD - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\DLBTSTRN.DLL () MOD - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\DLBTPCFG.DLL () MOD - C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\DLBTPP5C.DLL () MOD - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\DLBTUI5C.DLL () MOD - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\DLBTDR5C.DLL () MOD - C:\Program Files\Dell Photo AIO Printer 922\ConvDIB.dll () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.) SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.) SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies) SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD) SRV - (SynapseUpdateSvc) -- C:\Program Files\Fuji Medical System\Synapse\Workstation\SynapseUpdateManager.exe (FUJIFILM Medical Systems U.S.A., Inc.) SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (www.carbonite.com)) SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.) SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (AshampooDefragService) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe ( ) SRV - (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) SRV - (dlbt_device) -- C:\WINDOWS\System32\dlbtcoms.exe (Dell) SRV - (RampartSvc) -- C:\Program Files\SonicWALL\SonicWALL Global VPN Client\RampartSvc.exe (SonicWALL, Inc.) SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel(R) Corporation) SRV - (EPSONStatusAgent2) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.) DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies) DRV - (Vsdatant) -- C:\WINDOWS\SYSTEM32\vsdatant.sys (Check Point Software Technologies LTD) DRV - (KL1) -- C:\WINDOWS\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO) DRV - (kl2) -- C:\WINDOWS\SYSTEM32\DRIVERS\kl2.sys (Kaspersky Lab ZAO) DRV - (KLIF) -- C:\WINDOWS\SYSTEM32\DRIVERS\klif.sys (Kaspersky Lab) DRV - (radpms) -- C:\WINDOWS\SYSTEM32\DRIVERS\radpms.sys (LogMeIn, Inc.) DRV - (BVRPMPR5) -- C:\WINDOWS\SYSTEM32\DRIVERS\BVRPMPR5.SYS (Avanquest Software) DRV - (FilterService) -- C:\WINDOWS\SYSTEM32\DRIVERS\lvuvcflt.sys (Logitech Inc.) DRV - (LVUVC) Logitech Webcam Pro 9000(UVC) -- C:\WINDOWS\SYSTEM32\DRIVERS\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\WINDOWS\SYSTEM32\DRIVERS\lvrs.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2Mon.sys () DRV - (LMouFilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\LHidFilt.Sys (Logitech, Inc.) DRV - (LBeepKE) -- C:\WINDOWS\SYSTEM32\DRIVERS\LBeepKE.sys (Logitech, Inc.) DRV - (ctxusbm) -- C:\WINDOWS\SYSTEM32\DRIVERS\ctxusbm.sys (Citrix Systems, Inc.) DRV - (LMIRfsDriver) -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys (LogMeIn, Inc.) DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.) DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.) DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys () DRV - (MCSTRM) -- C:\WINDOWS\System32\drivers\mcstrm.sys (RealNetworks, Inc.) DRV - (SIODRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\SIODRV.SYS (Intel Corporation) DRV - (SMBios) Intel (R) -- C:\WINDOWS\SYSTEM32\DRIVERS\SMBios.sys (Intel Corporation) DRV - (RCFOX) -- C:\WINDOWS\SYSTEM32\DRIVERS\RCFOX.SYS (SonicWALL, Inc.) DRV - (iAimFP4) -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys (Intel(R) Corporation) DRV - (iAimFP3) -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys (Intel(R) Corporation) DRV - (iAimTV4) -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys (Intel(R) Corporation) DRV - (iAimTV3) -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys (Intel(R) Corporation) DRV - (iAimTV1) -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys (Intel(R) Corporation) DRV - (iAimTV0) -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys (Intel(R) Corporation) DRV - (iAimFP0) -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys (Intel(R) Corporation) DRV - (iAimFP1) -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys (Intel(R) Corporation) DRV - (iAimFP2) -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys (Intel(R) Corporation) DRV - (i81x) -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys (Intel(R) Corporation) DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.) DRV - (DNE) -- C:\WINDOWS\SYSTEM32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.) DRV - (ZSMC302) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbvm302.sys (VM) DRV - (IntelC52) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys (Intel Corporation) DRV - (IntelC51) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys (Intel Corporation) DRV - (IntelC53) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys (Intel Corporation) DRV - (mohfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys (Intel Corporation) DRV - (bvrp_pci) -- C:\WINDOWS\System32\drivers\bvrp_pci.sys () DRV - (rcvpn) -- C:\WINDOWS\SYSTEM32\DRIVERS\rcvpn.sys (SonicWALL, Inc.) DRV - (TBU11) -- C:\WINDOWS\SYSTEM32\DRIVERS\tbu11.sys (Voyetra Turtle Beach, Inc.) DRV - (omci) -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys (Dell Computer Corporation) DRV - (dfrusb) -- C:\WINDOWS\SYSTEM32\DRIVERS\dfrusb.sys (Identix Incorporated) DRV - (EPUSBSTOR) -- C:\WINDOWS\SYSTEM32\DRIVERS\epusbsto.sys (SEIKO EPSON CORPORATION) DRV - (msloop) -- C:\WINDOWS\SYSTEM32\DRIVERS\loop.sys (Microsoft Corporation) DRV - (EL90XBC) -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS (3Com Corporation) DRV - (Eplpdx02) -- C:\WINDOWS\SYSTEM32\DRIVERS\EPLPDX02.SYS (MK Systems CO., LTD.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.ynhhs-mdlink.com/default.asp?/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = https://www.ynhhs-mdlink.com/default.asp?/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B} - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll (FUJIFILM Medical Systems U.S.A., Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.med.yale.edu:3128 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0493D792-5C92 -440b-81A8-AD6CDFC75212}: C:\Program Files\Yamaha Corporation\Digital Music Notebook\Common\Bootstrapper\XpCom\ [2010/12/12 04:08:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3 -449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/09/08 18:15:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/04 20:04:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/04 20:04:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/17 07:15:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/09/14 21:32:29 | 000,000,000 | ---D | M] [2010/07/04 21:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Extensions [2010/07/04 21:26:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/11/22 13:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions [2011/11/22 13:41:20 | 000,000,000 | ---D | M] (ZoneAlarm Security Suite Community Toolbar) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions\{3ce45c4f-bf ff-4988-9a3c-a75c1f491319} [2011/11/22 13:41:28 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions\{e4a8a97b-f2 ed-450b-b12d-ee082ba24781} [2011/10/30 19:32:10 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions\[email protected] .com [2011/06/22 21:41:42 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions\LogMeInClien [email protected] [2011/04/23 15:35:00 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions\searchtoolba [email protected] [2009/10/03 10:05:58 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\gbieqipb.default\extensions\[email protected] stry.com [2011/10/21 05:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/07/14 21:38:30 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010/06/24 20:07:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/05 06:56:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/05 19:23:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/05 06:29:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/05 00:44:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/07/02 20:56:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011/10/21 05:32:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011/10/12 21:08:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2009/09/12 22:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll [2009/09/12 22:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll [2009/09/12 22:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll [2009/09/12 22:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2007/02/04 22:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll [2009/09/12 22:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll [2008/05/19 13:57:00 | 002,641,920 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npRACtrl.dll [2006/01/18 11:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll [2005/04/27 16:31:10 | 000,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\mozilla firefox\plugins\NPUploader.dll [2008/02/28 13:30:00 | 000,008,784 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll [2009/09/12 22:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2008/02/28 13:33:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\unicows.dll [2011/10/12 21:08:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google: originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:i nstantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={s earchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{googl e:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searc hTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin8.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.d ll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: Logitech Device Detection (Enabled) = C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.23.0.5_0\np LogitechDeviceDetection.dll CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll CHR - plugin: LogMeIn, Inc. Remote Access Components 1.0.0.381 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npRACtrl.dll CHR - plugin: Snapfish Plugin for Firefox (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll CHR - plugin: Shutterfly Upload Plugin 2.0.4.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: RealOne Player Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Logitech Device Detection = C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.23.0.5_0\ O1 HOSTS File: ([2008/11/14 00:55:51 | 000,287,978 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 10.254.254.253 Xdrive O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.123haustiereundmehr.com O1 - Hosts: 9925 more lines... O2 - BHO: (Synapse BHO Class) - {33414365-E6C7-460d-880A-A163BD69E84D} - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll (FUJIFILM Medical Systems U.S.A., Inc.) O2 - BHO: (ZoneAlarm Security Suite Toolbar) - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dl l (Check Point Software Technologies) O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll File not found O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Suite Toolbar) - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll File not found O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dl l (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Suite Toolbar) - {3CE45C4F-BFFF-4988-9A3C-A75C1F491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dl l (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll () O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" File not found O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [DefragTaskBar] C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe () O4 - HKLM..\Run: [DLBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL () O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [FujiSynapseBridge] C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiSynapseBridge.exe (FUJIFILM Medical Systems U.S.A., Inc.) O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [Synapse URLSearchHook Configuration] C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFld.dll (FUJIFILM Medical Systems U.S.A., Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [MtdAcqu] C:\Program Files\Creative\MediaSource5\MtdAcqu.exe (Creative Technology Ltd) O4 - HKCU..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe (Intuit Inc.) O4 - Startup: C:\Documents and Settings\Robert\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Robert\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll (Picasa, Inc.) O9 - Extra 'Tools' menuitem : Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll (Picasa, Inc.) O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet) O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites) O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites) O15 - HKCU\..Trusted Domains: ynhh.org ([citrix] https in Trusted sites) O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} http://site.ebrary.com/support/plugins/ebraryRdr.cab (Infotl Control) O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.comcastsupport.com/sdcxuser/asp/tgctlsr.cab (SupportSoft Script Runner Class) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class) O16 - DPF: {0D07C1FF-49FF-49A4-B453-6E067B51F1AE} https://radpacs.ynhh.org/iSite3_0.cab (ISiteNonVisual Control 3.01) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB (PCPitstop Utility) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {1FBD11EF-1260-11D1-87A7-444553540001} https://yalepacs.ynhh.org (Synapse) O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} http://download.zonelabs.com/bin/free/cm/ICSCM.cab (ICSScannerLight Class) O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} http://o.aolcdn.com/pictures/ap/Resources/2.0.8.98/cab/aolpPlugins.10. 6.0.6.cab (AOL Pictures Uploader Class) O16 - DPF: {2EC77245-C97C-4F5E-80D1-9B280C4CD820} http://download.mailfrontier.com/matador/instmtdr.cab (Reg Error: Key error.) O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} https://support.microsoft.com/OAS/ActiveX/odc.cab (Microsoft Data Collection Control) O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} http://www.pestscan.com/scanner/axscanner.cab (PPSDKActiveXScanner.MainScreen) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-9 4901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc2.cab (Office Update Installation Engine) O16 - DPF: {4125262D-2E47-11D3-9387-00C04F5B12B1} https://www.backup.com/user/webrestore.cab (WRXCtl Class) O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab (Install Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/c lient/muweb_site.cab?1297990860779 (MUWebControl Class) O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win 32/activex/hcImpl.cab (Housecall ActiveX 6.5) O16 - DPF: {734F0ACB-CB01-4426-A8AB-A496C2583A40} https://idxwebssl.ynhh.org/fuji-idxrad/integration/ICAPI/ImagecastInte rface.CAB (DesktopSync Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://www.pandasoftware.com/activescan/as5/asinst.cab (ActiveScan Installer Class) O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} ftp://ftp.autodesk.com/pub/whip/english/whip.cab (Autodesk WHIP! Control) O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Registry Information Class) O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.c ab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.c ab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/activedata/SymAData.cab (ActiveDataInfo Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://fujimed.webex.com/client/T25L/support/ieatgpc.cab (Reg Error: Key error.) O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab (Creative Product Registration ActiveX Control Module) O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab (ActiveDataObj Class) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control) O16 - DPF: ppctlcab http://www.pestscan.com/scanner/ppctlcab.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60954C4F-C59A-49 7C-8D75-BDE3EF14B2CA}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop Components:0 () - http://swedish-weaving.com/images/smalloom.jpg O24 - Desktop WallPaper: C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Robert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\Qualcomm\Eudora\EuShlExt.dll File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2002/09/03 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{6903e5a7-dda0-11de-b90a-006073e17f59}\Shell - "" = AutoRun O33 - MountPoints2\{6903e5a7-dda0-11de-b90a-006073e17f59}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{6903e5a7-dda0-11de-b90a-006073e17f59}\Shell\AutoRun\comm and - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/11/30 17:05:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe [2011/11/26 23:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Local Settings\Application Data\Programs [2011/11/16 22:31:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth [2011/11/04 20:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Citrix [2011/11/04 20:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert\Local Settings\Application Data\Citrix [2010/11/09 08:27:15 | 000,237,568 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbtinsr.dll [2010/11/09 08:27:15 | 000,110,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbtins.dll [2007/01/30 14:35:00 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbtiesc.dll [2007/01/30 14:22:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbtinpa.dll [2007/01/30 14:17:02 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbthbn3.dll [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/11/30 17:06:32 | 000,007,542 | ---- | M] () -- C:\WINDOWS\ECCO.CFX [2011/11/30 17:06:32 | 000,006,068 | ---- | M] () -- C:\WINDOWS\ecco.fdb [2011/11/30 17:06:27 | 000,000,662 | ---- | M] () -- C:\WINDOWS\dellstat.ini [2011/11/30 17:04:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert\Desktop\OTL.exe [2011/11/30 17:03:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4246077919-1552412502-21 71021228-1006UA.job [2011/11/30 16:27:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/11/30 13:00:31 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2011/11/30 12:03:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4246077919-1552412502-21 71021228-1006Core.job [2011/11/30 08:19:35 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job [2011/11/30 08:08:39 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/11/30 08:03:21 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL [2011/11/30 08:02:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/11/30 08:02:19 | 2683,359,232 | -HS- | M] () -- C:\hiberfil.sys [2011/11/30 08:02:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT [2011/11/28 18:14:04 | 000,434,566 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT [2011/11/28 18:14:04 | 000,068,470 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT [2011/11/28 08:38:41 | 000,537,965 | ---- | M] () -- C:\WINDOWS\ecco.alm [2011/11/26 08:46:27 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/11/25 20:52:55 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2011/11/25 20:52:55 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2011/11/23 12:01:49 | 000,052,220 | ---- | M] () -- C:\Documents and Settings\Robert\My Documents\11-23-2011 12;01;16PM.RTF [2011/11/19 00:32:31 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Medical Expenses.lnk [2011/11/15 18:38:37 | 000,002,271 | ---- | M] () -- C:\Documents and Settings\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk [2011/11/12 19:48:14 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk [2011/11/12 08:14:43 | 000,001,241 | ---- | M] () -- C:\Documents and Settings\Robert\Desktop\LogMeIn Full Screen.lnk [2011/11/09 17:38:09 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/11/23 12:01:49 | 000,052,220 | ---- | C] () -- C:\Documents and Settings\Robert\My Documents\11-23-2011 12;01;16PM.RTF [2011/11/19 00:32:31 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Medical Expenses.lnk [2011/09/07 10:32:58 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2011/04/30 22:58:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011/04/30 22:58:26 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2010/12/12 20:49:25 | 000,000,033 | ---- | C] () -- C:\WINDOWS\MSFDM.INI [2010/12/12 04:12:11 | 000,000,622 | ---- | C] () -- C:\WINDOWS\DMN.INI [2010/11/09 08:30:28 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\dlbtsnls.dll [2010/11/09 08:30:27 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\dlbtcoin.dll [2010/11/09 08:27:15 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\dlbtih.exe [2010/11/09 08:27:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbtvs.dll [2010/11/09 08:27:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbtcur.dll [2010/11/09 08:27:12 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbtcu.dll [2010/11/09 08:27:05 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\dlbtjswr.dll [2010/11/09 08:26:57 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\dlbtutil.dll [2010/07/14 21:43:34 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/07/14 21:22:30 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe [2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2008/05/25 08:04:02 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini [2008/02/28 14:30:08 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll [2008/02/19 23:03:45 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe [2008/02/19 23:03:45 | 000,003,464 | ---- | C] () -- C:\WINDOWS\unins000.dat [2007/06/30 23:49:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\amcap.exe [2007/04/26 13:45:50 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys [2007/04/18 15:53:36 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2007/01/04 14:57:10 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2007/01/03 11:57:53 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys [2006/12/07 22:54:08 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2006/06/17 16:57:53 | 000,007,160 | ---- | C] () -- C:\WINDOWS\mozver.dat [2006/03/22 17:32:15 | 000,019,968 | ---- | C] () -- C:\WINDOWS\PHCREMOV.EXE [2006/03/22 17:32:15 | 000,016,384 | R--- | C] () -- C:\WINDOWS\System32\pcl2pdfnt.dll [2006/03/20 19:24:58 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006/02/19 18:35:54 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2006/02/19 18:35:54 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2006/02/19 18:35:54 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2006/02/19 18:35:54 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BD7220.dat [2006/02/19 18:35:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brwmark.ini [2006/02/19 18:35:16 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2006/02/18 17:34:05 | 000,000,039 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI [2006/02/18 17:33:48 | 000,000,077 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2006/02/18 17:33:40 | 000,000,454 | ---- | C] () -- C:\WINDOWS\PSDWIN.INI [2006/02/18 16:50:01 | 000,000,371 | ---- | C] () -- C:\WINDOWS\wmw.ini [2006/01/18 19:37:22 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Robert\Application Data\L8457789_1 [2006/01/05 18:44:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\npbdwn32.dll [2005/10/26 14:59:49 | 000,002,330 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini [2005/10/09 05:34:09 | 000,000,403 | ---- | C] () -- C:\WINDOWS\musicstr.ini [2005/10/09 05:28:49 | 000,000,087 | ---- | C] () -- C:\WINDOWS\inst.ini [2005/10/08 21:00:32 | 000,000,443 | ---- | C] () -- C:\WINDOWS\Musicbox.INI [2005/10/08 20:04:15 | 000,000,443 | ---- | C] () -- C:\WINDOWS\MUSBOX32.INI [2005/06/28 19:37:30 | 000,000,662 | ---- | C] () -- C:\WINDOWS\dellstat.ini [2005/06/28 19:35:03 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbtinsb.dll [2005/06/28 19:35:03 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlbtcub.dll [2005/05/30 20:32:30 | 000,003,013 | ---- | C] () -- C:\WINDOWS\System32\ole4lr.dll [2005/03/22 21:12:52 | 000,184,808 | ---- | C] () -- C:\Documents and Settings\Robert\Application Data\shb.dat [2005/02/07 23:46:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PezDownload.INI [2005/02/07 19:45:14 | 000,000,113 | ---- | C] () -- C:\WINDOWS\Picture Easy 3.ini [2005/02/07 19:45:12 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\inetwh16.dll [2004/12/22 13:34:55 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys [2004/12/08 22:23:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll [2004/11/16 20:36:05 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys [2004/11/16 20:36:05 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys [2004/08/29 05:04:26 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/07/02 18:24:15 | 000,795,904 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll [2004/06/04 20:48:34 | 000,000,607 | ---- | C] () -- C:\WINDOWS\EZAudio_trk.INI [2004/06/04 18:41:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2004/06/04 18:39:54 | 000,000,083 | ---- | C] () -- C:\WINDOWS\magix.ini [2004/05/01 10:13:29 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.INI [2004/04/26 19:54:07 | 000,023,455 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini [2004/04/18 00:06:07 | 000,001,998 | ---- | C] () -- C:\WINDOWS\tbs_bna.ini [2004/04/18 00:06:01 | 000,000,038 | ---- | C] () -- C:\WINDOWS\tbs_job.ini [2004/04/18 00:06:00 | 000,002,665 | ---- | C] () -- C:\WINDOWS\tbs_quiz.ini [2004/04/18 00:06:00 | 000,001,072 | ---- | C] () -- C:\WINDOWS\tbs_juke.ini [2004/04/18 00:06:00 | 000,000,034 | ---- | C] () -- C:\WINDOWS\tbs_tbh.ini [2004/04/18 00:05:59 | 000,001,159 | ---- | C] () -- C:\WINDOWS\tbs_bows.ini [2004/04/18 00:05:57 | 000,000,744 | ---- | C] () -- C:\WINDOWS\tbs_ss.ini [2004/04/18 00:05:55 | 000,000,040 | ---- | C] () -- C:\WINDOWS\tbs_menu.ini [2004/04/17 05:27:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VM.INI [2004/04/17 05:23:50 | 000,004,374 | ---- | C] () -- C:\WINDOWS\WORDACE1.INI [2004/04/17 05:19:02 | 000,000,280 | ---- | C] () -- C:\WINDOWS\EReg196.dat [2004/04/15 19:56:57 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT3.DAT [2004/04/13 21:03:51 | 000,001,498 | ---- | C] () -- C:\WINDOWS\genviewer.ini [2004/04/12 06:48:59 | 000,000,059 | ---- | C] () -- C:\WINDOWS\ECCO.INI [2004/04/10 19:40:37 | 000,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI [2004/04/10 19:40:36 | 000,006,472 | ---- | C] () -- C:\WINDOWS\Icoadb32.dat [2004/04/10 15:56:56 | 000,000,067 | ---- | C] () -- C:\WINDOWS\IDMan.INI [2004/04/09 18:56:01 | 000,000,482 | ---- | C] () -- C:\WINDOWS\SmtBook.INI [2004/04/08 21:13:45 | 000,007,168 | ---- | C] () -- C:\WINDOWS\SMTB953X.DLL [2004/04/08 21:13:45 | 000,002,879 | ---- | C] () -- C:\WINDOWS\BOOKS2X.DLL [2004/04/08 21:13:45 | 000,001,792 | ---- | C] () -- C:\WINDOWS\SMTBK3X.DLL [2004/04/07 20:51:30 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI [2004/04/07 20:50:48 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll [2004/04/07 20:50:48 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL [2004/04/07 20:42:43 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Robert\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2004/04/06 23:16:18 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Robert\Local Settings\Application Data\fusioncache.dat [2004/04/06 22:01:00 | 000,000,092 | ---- | C] () -- C:\WINDOWS\MFPD.INI [2004/04/06 21:26:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2004/04/06 21:11:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\INTURS.DAT [2004/04/06 21:08:30 | 000,000,078 | ---- | C] () -- C:\WINDOWS\qwimp.ini [2004/04/06 21:07:40 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI [2004/04/06 20:49:57 | 000,000,106 | ---- | C] () -- C:\WINDOWS\webica.ini [2004/04/06 19:18:35 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\Datcrt.exe [2004/04/02 02:41:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2004/04/02 02:35:50 | 000,034,864 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE [2004/04/02 02:32:44 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI [2004/04/02 02:30:19 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2004/04/02 02:29:37 | 000,000,624 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004/04/02 02:20:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT [2004/04/02 02:19:18 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2004/04/02 02:18:54 | 000,434,566 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT [2004/04/02 02:18:54 | 000,068,470 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT [2004/04/02 02:06:02 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/01/23 10:05:02 | 000,371,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2004/01/23 10:03:50 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI [2003/11/20 14:39:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2002/09/03 14:35:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2002/09/03 14:31:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT [2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT [2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT [2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN [2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT [2002/08/29 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT [2002/03/14 11:00:26 | 000,038,567 | ---- | C] () -- C:\WINDOWS\System32\pcpbios.exe [2000/09/14 01:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT [1999/08/05 15:07:42 | 000,313,344 | ---- | C] () -- C:\WINDOWS\WF6REMOV.EXE [1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1998/08/16 04:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll [1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [color=#E56717]========== LOP Check ==========[/color] [2008/10/18 17:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo [2008/10/17 19:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite [2011/09/08 17:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint [2011/11/04 20:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix [2009/11/07 11:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK [2011/11/30 08:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2007/11/30 23:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier [2007/01/07 19:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster [2005/04/02 21:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NETg [2004/04/16 20:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS [2010/12/04 11:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Open Window Software [2010/03/13 17:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft [2007/06/27 22:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/03/13 08:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent [2006/03/19 00:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2007/01/27 22:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO [2008/01/04 19:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAMAHA [2010/12/12 04:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yamaha Corporation [2011/03/13 08:41:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{171E062A-F0D3-40F6-9A2F-10C4987C1939} [2011/03/13 08:47:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AFF419FB-6682-4A74-AA85-F3CE495D0346} [2006/03/19 00:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Aim [2007/05/05 16:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Anix Software [2009/11/07 10:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\CheckPoint [2004/09/24 21:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\DMCache [2011/11/30 16:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Dropbox [2010/09/18 19:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\ElevatedDiagnostics [2008/05/18 16:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Flickr [2004/08/23 18:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\FTW [2009/10/02 18:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\genline [2011/11/04 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\ICAClient [2009/07/20 17:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Image Zone Express [2007/05/31 13:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\JAM Software [2004/04/06 23:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Leadertech [2004/10/08 19:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Learn2.com [2010/07/12 20:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\MailFrontier [2005/09/23 19:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\MyFamily.com [2004/04/17 11:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\MyKey [2006/04/16 17:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Ofoto [2004/04/09 22:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Qualcomm [2007/01/04 10:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\ScanSoft [2006/04/02 10:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Serif [2007/08/12 18:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Snapfish [2011/11/28 21:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Spotify [2010/07/04 21:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Thunderbird [2009/10/25 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\W Photo Studio Viewer [2007/01/04 15:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Robert\Application Data\Xdrive [2011/11/30 08:08:39 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2011/11/30 13:00:31 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2011/11/30 08:19:35 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Codec Update Service.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:333B9FFC < End of report > Extras.txt: OTL Extras logfile created on: 11/30/2011 5:07:26 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Robert\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.50 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 65.33% Memory free 3.09 Gb Paging File | 2.15 Gb Available in Paging File | 69.36% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111.72 Gb Total Space | 40.92 Gb Free Space | 36.63% Space Free | Partition Type: NTFS Computer Name: JEEVES | User Name: Robert | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.) "C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger "C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader "C:\Program Files\Common Files\AOL\1167940654\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1167940654\ee\aolsoftware.exe:*:Enabled:AOL Services "C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe" = C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service "C:\Program Files\Logitech\Logitech Vid\Vid.exe" = C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.) "C:\Documents and Settings\Robert\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Robert\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{03A4FDE6-BEDB-4C54-96D8-A7C5D0CE67AD}" = Identity Finder Enterprise Edition "{03B7F3F1-5A2C-4FC8-A4C1-AF6FE3F8E9AA}" = Genline FamilyFinder "{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004 "{06B8DAD8-2809-475E-BA9D-C34479A0D58A}" = Dell TrueMobile 2300 Control Utility "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager "{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web) "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement "{0FE68635-AB17-4548-B631-5C3629CCD19A}" = Microsoft Office Live Meeting 2005 Replay Wrapper "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{12076ED5-921B-4231-9883-157092E6F2DA}" = Quicken Medical Expense Manager "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{178FDCAC-0CC9-433B-8E1C-96251615DCBE}" = Netflix Movie Viewer "{1EAD84B8-0075-432A-BFFF-B197581265AF}" = Transparent Language System "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{237a4b21-78c1-11d6-a394-00104bd190b1}" = QuickBooks Basic Edition 2003 "{25BB07FA-D9A0-478E-8A4B-38466A4E8BF2}" = Serif PagePlus SE 1.0 "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 29 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro "{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.3 "{31C44235-A613-4E95-B297-207BF6C6A8C1}" = Creative ZEN Vision M Series "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4 "{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}" = ABBYY FineReader OCR Engine for Microtek "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page "{385DD1DD-65AA-408D-8E70-74601C2DB7E6}" = Ad-Aware "{3B3D2CFD-3C21-4AA0-94DE-45577B5BAB16}" = Family Tree Maker 2011 "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold "{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support "{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox "{490082D5-9BCF-11D5-8EC3-00D0B75DD247}" = DataFlow "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{533A6E40-A0D5-4643-B9CE-9B03989EF159}" = Ad-Aware "{53648F92-1CC5-22D2-A6DF-00A0C9A23BCD}" = SonicWALL Global VPN Client "{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11 "{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB) "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool "{5EA24DA8-F398-42C7-8CDC-39273493C514}" = MicScope "{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011 "{62CB99B1-532B-40CC-8C14-3049473CB941}" = Synapse Workstation "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0 "{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6c651250-2eb2-11d5-8e33-0050dad72ac2}" = NetZero "{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}" = YAMAHA Musicsoft Downloader 5 "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2 "{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04 "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{73108923-1D58-4C00-8E22-D71D98D0E0B4}" = ABF Outlook Express Backup "{7426CE93-9C84-4EB0-A143-3ADDF9CC02FB}" = The Music Box - A Personal Ear Trainer 3.0 "{74B0050D-709E-4BD4-A5F4-5A7819F324FA}" = Turtle Beach USB MIDI 1x1 "{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper "{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX) "{81929079-8CA2-4378-BCAA-620C666BF531}" = Scheduler "{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{856C155E-4A74-4041-B026-04F96FFD1BCD}" = ZIP Reader 8.00.0018 "{856D4888-3B48-4D0C-99D4-39AA7CF9DB2E}" = HP Photosmart Essential "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89EAD745-088B-4160-B964-42C4D4D273AD}" = Family Tree Maker 2010 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003 "{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD91669-25C9-43CD-9367-BF60591B837B}" = Camedia Master 4.3 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4004E8B-6A95-4FA4-AA05-731FC6510474}" = Family Tree Maker 2005 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A725C340-77EE-11D6-BBC2-0000CB591583}" = A.F.5 Rename your files 1.1 "{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AF1B2B2E-03E3-458A-9DEB-32F8C7637374}" = ZoneAlarm Security "{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5 "{B40902A8-9A11-4FB5-8445-68075A504943}" = Yamaha's Digital Music Notebook "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B43B2355-E258-4C28-8A36-48E521862673}" = New York Times - Times Reader "{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BE7C3758-7CAF-4F1D-8F84-F4F09CFCC26C}" = Flishr "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C180FAEF-61D5-4A03-8328-A58D9CDD1C4C}" = ZoneAlarm Firewall "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CA4EECED-20F3-4C2B-8A93-F39CB2063E71}" = ZoneAlarm Antivirus "{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF2606C7-63AF-40F4-8919-F2EC654ACC91}" = Napster for Windows Media Player "{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV) "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D5F881C2-B134-474E-AA60-B25DD218AE0D}" = Crash Analysis Tool "{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD "{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor "{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5 "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{DCB91C79-B78B-44B1-A7FE-28DECA6E9245}" = Dell TrueMobile 2300 Wireless Broadband Router Control Utility "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48BE6D9-D8D4-434C-A199-7226A19FEA54}" = QuickLink Desktop "{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}" = LogMeIn "{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0 "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F17FE8C5-193F-48B6-8EE2-BE8CCEE3E6FB}" = SonicWALL Global VPN Client "{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}" = Family Tree Maker 2006 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement "{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FE85D571-8BFE-4AB9-A7FB-54BBCA2E910B}" = Family Tree Maker "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "Across Lite 2.0" = Across Lite 2.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "AOL Instant Messenger" = AOL Instant Messenger "AOL Pictures" = AOL Pictures Tools (version 10.6.0.6) "Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2 "AudibleManager" = AudibleManager "Belarc Advisor" = Belarc Advisor 8.1 "Birds of North America V2.5" = Birds of North America V2.5 "Byki Standard" = Byki Standard "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "Carbonite Backup" = Carbonite "Citrix ICA Client" = Citrix ICA Client "CitrixOnlinePluginPackWeb" = Citrix online plug-in - web "Creative Removable Disk Manager" = Creative Removable Disk Manager "CSCLIB" = Canon Camera Support Core Library "DBXanalyzer" = DBXanalyzer "Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver "Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922 "ECCO Pro" = NetManage ECCO Pro "Ecco Spell" = Ecco Spell "EOS Utility" = Canon Utilities EOS Utility "EPSON Printer and Utilities" = EPSON Printer Software "ExModule_is1" = ExModule 1.0 "Family Tree Maker 2010" = Family Tree Maker 2010 "Family Tree Maker 2011" = Family Tree Maker 2011 "Flickr Uploadr" = Flickr Uploadr 3.0.5 "GenSmarts_is1" = GenSmarts "GENViewer_is1" = GENViewer version 1.21 "HP Photo Printing Software" = HP Photo Printing Software "ie8" = Windows Internet Explorer 8 "Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem "KGFs Databas 2004" = KGFs Databas 2004 "LanguageNow!" = LanguageNow! "lvdrivers_12.10" = Logitech Webcam Software Driver Package "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Medicos" = Medicos "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MightyFax" = MightyFax "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US) "Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSN Music Assistant" = MSN Music Assistant "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English) "MySlideShow2_is1" = MySlideShow 2.7.5 "MyThumbs_is1" = MyThumbnails Pro 1.9 "Ninotech Path Copy" = Ninotech Path Copy 4.0 "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "OLYMPUS CAMEDIA Master 1.11" = OLYMPUS CAMEDIA Master 1.11 "Picasa 3" = Picasa 3 "Picasa2" = Picasa 2 "PicasaNet" = Hello (remove only) "Picture Easy 3.0" = Picture Easy 3.1 "PicViewer_is1" = PicViewer 2.74 "PingPlotter" = PingPlotter "PROSet" = Intel(R) PRO Network Adapters and Drivers "QuickStitch" = QuickStitch "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RealPlayer 6.0" = RealOne Player "Registry Mechanic_is1" = Registry Mechanic "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "Shockwave" = Shockwave "Shutterfly Plugin" = Shutterfly Plugin "Sony´s EZ Audio (TM) Transfer & Restoration Kit" = Sony´s EZ Audio (TM) Transfer & Restoration Kit "SP6" = Logitech SetPoint 6.15 "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20 "StreetPlugin" = Learn2 Player (Uninstall Only) "Swat It v2.1" = Swat It v2.1 "SysInfo" = Creative System Information "Tolken99 v4.2" = Tolken99 v4.2 "Transparent Language System" = Transparent Language System "TreeSize Professional_is1" = TreeSize Professional 4.3.2 "Tweak UI 2.10" = Tweak UI "Video ToolBox_is1" = Video ToolBox "VideoGen_is1" = MySlideShow Video Generator Plug-in 2.8.7 "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VideoLAN VLC media player 0.8.2 "Vocabulary Master" = Vocabulary Master "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.4 [32-Bit] "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "Win-Family 6.0" = Win-Family 6.0 "WinFlash Educator v10_is1" = WinFlash Educator v10 "WinFlash Educator v11_is1" = WinFlash Educator v11 "WinFlash Educator_is1" = WinFlash Educator 10.0 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "ZENcast Organizer" = ZENcast Organizer "ZoneAlarm Internet Security Suite" = ZoneAlarm Internet Security Suite "ZoneAlarm Toolbar" = ZoneAlarm Toolbar "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome "GoToMeeting" = GoToMeeting 4.5.0.457 "Spotify" = Spotify [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 10/21/2011 8:53:19 PM | Computer Name = JEEVES | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 10/22/2011 7:17:34 PM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x037e9136. Error - 10/22/2011 7:20:09 PM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x037e9136. Error - 10/22/2011 7:20:19 PM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x03749136. Error - 10/24/2011 8:27:49 AM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x037e9136. Error - 10/25/2011 8:53:30 PM | Computer Name = JEEVES | Source = Lavasoft Ad-Aware Service | ID = 0 Description = Error - 10/26/2011 9:01:20 AM | Computer Name = JEEVES | Source = Application Hang | ID = 1002 Description = Hanging application spotify.exe, version 0.6.2.243, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 10/28/2011 8:08:35 PM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x038e9136. Error - 10/28/2011 8:16:18 PM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x037e9136. Error - 10/28/2011 8:21:11 PM | Computer Name = JEEVES | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x038e9136. [ SLEvtLog Events ] Error - 1/15/2007 3:28:16 PM | Computer Name = JEEVES | Source = SLSource | ID = 0 Description = Error - 1/27/2007 6:01:55 AM | Computer Name = JEEVES | Source = SLSource | ID = 0 Description = [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >