1

Running Win XP Home, SP-3 and, without any warning, suddenly got "The file does not have a program associated with it for performing this action. Create an association in the folder options panel" error message with almost everything I try to light up from Desktop or the start tower. Not everything, mind you, but more than half of my programs. I've researched until I'm blue in the face -- nothing works. I can use My Computer and do a work-around to get everything, but it's a royal pain having to take that many steps to open a file like My Documents, My Pictures, etc. If this is the wrong forum, I apologize. I have absolutely no clue as to where this query should go.

5
Contributors
42
Replies
48
Views
6 Years
Discussion Span
Last Post by jamie4445
Featured Replies
  • [QUOTE=GoldenEagle4444;1474453]Running Win XP Home, SP-3 and, without any warning, suddenly got "The file does not have a program associated with it for performing this action. Create an association in the folder options panel" error message with almost everything I try to light up from Desktop or the start tower. Not … Read More

  • [QUOTE=GoldenEagle4444;] Far too complicated for this old man. I guess I'm a hopeless cause, huh? Thanks for your time, anyway.[/QUOTE] Nah - nobody is hopeless :) Hang in there - we can talk you through most of this stuff, if need be. -- Did you try [B]System Restore[/B] and restoring … Read More

0

If this is the wrong forum, I apologize. I have absolutely no clue as to where this query should go.

I moved your post to the Spyware forum - seems a good place to start.

See if you are able to run the tools in the linky below and post the scanlogs.

http://www.daniweb.com/forums/thread134865.html

Let us know if you run into any problems. I or another volunteer will check back as time permits.

Cheers :)
PP

2

Running Win XP Home, SP-3 and, without any warning, suddenly got "The file does not have a program associated with it for performing this action. Create an association in the folder options panel" error message with almost everything I try to light up from Desktop or the start tower. Not everything, mind you, but more than half of my programs. I've researched until I'm blue in the face -- nothing works. I can use My Computer and do a work-around to get everything, but it's a royal pain having to take that many steps to open a file like My Documents, My Pictures, etc. If this is the wrong forum, I apologize. I have absolutely no clue as to where this query should go.

http://support.microsoft.com/kb/308089

0

I tried very hard to follow all of your instructions, but I'm afraid there were just to many for an old man to comprehend. I ran the MS Malicious Removal Tool and it reported no errors found. I downloaded and ran two (the first two) of the three programs you asked for and ran both of them. I lost track of the what to do with them so I Emailed both logs to myself (Sorry, I couldn't think of any other way to save them and I'm obviously not a geek). The third program (gt500.org MBA-M) timed out three consecutive tries and wouldn't download and I don't have a clue in the world was DDS.txt is, how to find it and anything else about it. Far too complicated for this old man. I guess I'm a hopeless cause, huh? Thanks for your time, anyway.

1

Far too complicated for this old man. I guess I'm a hopeless cause, huh? Thanks for your time, anyway.

Nah - nobody is hopeless :)

Hang in there - we can talk you through most of this stuff, if need be.

-- Did you try System Restore and restoring your computer to a time when all was working as it should?
That would be a good step - let us know if you need help trying that.

Also, try this:
Download OTL.exe to the Desktop.
-- Run it and click Scan All Users and then hit Quick Scan and post me the Two resulting logs. They should open automatically in notepad. They should also be saved next to OTL.exe

Just copy and paste them into the thread here for us.

PP:)

0

I hope this is what you want....

OTL logfile created on: 2/15/2011 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Dell\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 40.17 Gb Free Space | 53.94% Space Free | Partition Type: NTFS

Computer Name: DELLHILL | User Name: Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
PRC - [2011/01/22 08:59:46 | 006,416,120 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe
PRC - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 09:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 09:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/12/03 14:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/03 14:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/15 15:05:25 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/08/30 08:25:04 | 000,025,976 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2008/04/17 03:33:14 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/30 16:43:58 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Hardware\Keyboard\type32.exe


========== Modules (SafeList) ==========

MOD - [2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SolutoService)
SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer)
SRV - File not found [Disabled | Stopped] -- -- (AOL TopSpeedMonitor)
SRV - File not found [Auto | Stopped] -- -- (AntiVirUpgradeService)
SRV - File not found [Auto | Stopped] -- -- (0254121294069036mcinstcleanup) McAfee Application Installer Cleanup (0254121294069036)
SRV - [2011/01/22 08:59:46 | 006,416,120 | ---- | M] (Prevx) [Auto | Running] -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner)
SRV - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 09:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/04/17 03:33:14 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/02/15 07:04:16 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1209F0C6-A8E6-4716-8786-4E7511A452F9}\MpKslb60d81a3.sys -- (MpKslb60d81a3)
DRV - [2011/01/22 08:59:47 | 000,076,696 | ---- | M] (Prevx) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pxrts.sys -- (pxrts)
DRV - [2011/01/22 08:59:47 | 000,032,008 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2011/01/22 08:59:46 | 000,026,096 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pxkbf.sys -- (pxkbf)
DRV - [2010/11/01 20:50:32 | 000,181,704 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\PCGenFAM.sys -- (PCGenFAM)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\psi_mf.sys -- (PSI)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdcmb.sys -- (nmwcd)
DRV - [2009/01/11 14:49:46 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/20 13:09:04 | 000,093,544 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/06 11:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/06/06 18:52:14 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2007/06/06 18:52:12 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2006/10/19 11:11:40 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gan_adapter.sys -- (hamachi_oem)
DRV - [2006/08/11 08:42:42 | 003,958,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/08/30 07:58:32 | 000,026,921 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2002/08/30 07:58:04 | 002,166,454 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2002/08/30 07:49:48 | 000,447,921 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52) Intel(R)
DRV - [2002/08/29 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS -- (NwlnkNb)
DRV - [2002/08/29 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS -- (NwlnkSpx)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.foxnews.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {6e098d65-7d2d-46d4-ada0-2f882a29f795}:0.2.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"

FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/30 14:56:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/06/24 21:13:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/22 21:18:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/27 23:14:46 | 000,000,000 | ---D | M]

[2008/06/17 17:26:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Extensions
[2011/02/15 19:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions
[2010/04/28 08:40:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/09 15:25:56 | 000,000,000 | ---D | M] (CHM Reader) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{6e098d65-7d2d-46d4-ada0-2f882a29f795}
[2010/02/19 11:12:12 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010/12/24 01:41:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/07/11 08:48:16 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\bettergmail2@ginatrapani(2).org
[2005/11/09 09:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\temp
[2008/08/07 14:09:29 | 000,002,432 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\google-windows-related-site-search.xml
[2008/08/07 14:09:18 | 000,002,011 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\support-alert.xml
[2008/08/07 14:09:08 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\windowssecretscom.xml
[2011/02/15 19:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/17 16:15:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/13 11:36:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/03 19:29:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/23 23:03:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/03/30 14:56:01 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/04/17 16:14:54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/06/24 21:13:28 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/03 19:47:44 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/06/14 10:10:36 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2010/11/20 04:37:49 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2011/02/12 00:13:14 | 000,430,398 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14818 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\SYSTEM32\PxSecure.dll (Prevx)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [IntelliType] C:\Program Files\Microsoft Hardware\Keyboard\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([fighterace] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([primary] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: myfoxdfw.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: nascar.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: redsox.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: shavlik.com ([it] https in Local intranet)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: stormofaces.com ([www] https in Trusted sites)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab (Reg Error: Value error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} Reg Error: Value error. (WUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38029.4850231481 (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup145.cab (Reg Error: Value error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:1 (Intelligent Desktop - intelligentdesktop.com) - http://active.intelligentdesktop.com/active/?18124967
O24 - Desktop WallPaper: C:\Documents and Settings\Dell\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dell\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{512fd52c-e472-11de-a3da-000cf1894cea}\Shell - "" = AutoRun
O33 - MountPoints2\{512fd52c-e472-11de-a3da-000cf1894cea}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (pgdfgsvc C 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/15 22:32:22 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
[2011/02/01 22:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\Application Data\Foxit Software
[2011/01/27 23:13:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/01/27 22:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\Local Settings\Application Data\Secunia PSI
[2011/01/27 22:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/01/27 21:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/26 10:21:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2011/01/25 02:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\My Documents\Carolyn
[2011/01/24 23:38:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/01/22 08:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prevx 3.0
[2011/01/22 08:59:48 | 000,071,880 | ---- | C] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/01/22 08:59:47 | 000,076,696 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/01/22 08:59:47 | 000,032,008 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/01/22 08:59:46 | 000,026,096 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/01/22 08:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Prevx
[2011/01/22 08:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2009/07/22 10:58:32 | 218,123,672 | ---- | C] (Microsoft Corporation) -- C:\Program Files\fsx_sp1_ENU.exe
[2008/01/29 00:07:04 | 005,152,645 | ---- | C] (WSI ) -- C:\Program Files\IntellicastDesktopSetup.exe
[2008/01/27 18:52:57 | 000,210,416 | ---- | C] (Check Point Software Technologies LTD) -- C:\Program Files\zaSetup_en.exe
[2007/07/11 00:24:22 | 005,388,088 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe
[2007/07/02 18:10:09 | 027,024,112 | ---- | C] (Microsoft Corporation) -- C:\Program Files\PowerPointViewer.exe
[2006/12/05 10:33:41 | 012,684,992 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp532_full_bundle_emusic-7plus.exe
[2006/10/03 02:15:25 | 000,243,512 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-1_5_0_06-windows-i586-p-iftw.exe
[2006/08/31 16:05:24 | 001,813,480 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msnsusii.exe
[2006/07/01 10:47:55 | 004,908,904 | ---- | C] (Google Inc.) -- C:\Program Files\picasa2Setup.exe
[2006/02/03 03:19:08 | 000,174,952 | ---- | C] (CoreStreet, Ltd.) -- C:\Program Files\spoofstick-ie.exe
[2004/01/20 11:48:18 | 016,706,160 | ---- | C] (Netopsystems AG) -- C:\Program Files\AdbeRdr60_enu_full.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
[2011/02/15 22:10:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/15 21:10:11 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\g8krz21g.exe
[2011/02/15 21:09:48 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\dds(2).scr
[2011/02/15 21:09:40 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\dds.scr
[2011/02/15 18:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/02/15 16:10:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/15 13:29:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/02/15 06:57:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/02/15 06:53:17 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/02/15 06:51:01 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/02/15 06:50:52 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011/02/15 06:50:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/02/15 00:33:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2011/02/12 11:32:16 | 000,007,460 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo2.jpg
[2011/02/12 11:15:14 | 000,013,280 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo.jpg
[2011/02/12 08:59:33 | 000,050,475 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\the maxwellian cheese dog.jpg
[2011/02/12 00:13:14 | 000,430,398 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2011/02/11 20:22:20 | 000,248,169 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\Carolyn Obit(2).jpg
[2011/02/11 15:00:01 | 000,019,067 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Arizona-Warning-Sign.jpg
[2011/02/09 10:00:35 | 000,283,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 09:58:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/06 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/02/06 11:52:07 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/06 11:27:00 | 000,592,760 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\HPIM2399.JPG
[2011/02/06 11:14:00 | 000,516,801 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\HPIM2400.JPG
[2011/02/04 21:30:30 | 000,019,896 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Buddy Holly and Tommy Allsup.jpg
[2011/02/04 16:07:06 | 000,094,760 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Katrina2005.jpg
[2011/02/01 13:34:20 | 000,664,576 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\MicrosoftFixit50602.msi
[2011/01/30 13:10:23 | 000,083,801 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\mideastm.jpg
[2011/01/29 23:35:06 | 000,058,753 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\freud-fear-of-weapons.jpg
[2011/01/28 02:29:46 | 000,429,737 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20110212-001314.backup
[2011/01/27 23:51:08 | 001,346,612 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\pc-decrapifier-2.2.5.exe
[2011/01/27 23:10:15 | 000,000,937 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2011/01/27 22:52:36 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/27 21:26:57 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/01/27 21:26:15 | 000,001,716 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\Microsoft Security Essentials.lnk
[2011/01/26 13:42:06 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Some women are just lucky.doc
[2011/01/26 13:24:22 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/01/26 10:22:53 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/01/25 17:00:54 | 000,076,273 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\prom-date.jpg
[2011/01/24 23:31:23 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2011/01/24 14:32:09 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\default-to-filext.exe
[2011/01/24 01:50:22 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prevx 3.0.lnk
[2011/01/23 00:22:52 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/22 21:18:03 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/22 21:18:03 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/22 08:59:48 | 000,071,880 | ---- | M] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/01/22 08:59:47 | 000,076,696 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/01/22 08:59:47 | 000,032,008 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/01/22 08:59:46 | 000,026,096 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/01/22 08:59:34 | 000,000,212 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/01/19 13:36:02 | 000,429,177 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20110128-022946.backup
[2011/01/17 15:03:50 | 000,012,756 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Tea Party MassacreFB.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/15 21:10:00 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\g8krz21g.exe
[2011/02/15 21:09:43 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\dds(2).scr
[2011/02/15 21:09:16 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\dds.scr
[2011/02/12 17:40:26 | 000,007,460 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo2.jpg
[2011/02/12 17:40:15 | 000,013,280 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo.jpg
[2011/02/12 17:40:05 | 000,050,475 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\the maxwellian cheese dog.jpg
[2011/02/12 00:08:32 | 000,019,067 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Arizona-Warning-Sign.jpg
[2011/02/11 20:22:19 | 000,248,169 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Carolyn Obit(2).jpg
[2011/02/06 11:53:14 | 003,390,035 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Men's Auxiliary Patch.jpg
[2011/02/06 11:53:03 | 000,516,801 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\HPIM2400.JPG
[2011/02/06 11:52:50 | 000,592,760 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\HPIM2399.JPG
[2011/02/05 02:48:55 | 000,094,760 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Katrina2005.jpg
[2011/02/05 02:48:47 | 000,019,896 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Buddy Holly and Tommy Allsup.jpg
[2011/02/02 20:53:06 | 000,118,680 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 001.jpg
[2011/02/02 20:52:59 | 000,192,438 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 004.jpg
[2011/02/02 20:52:54 | 000,182,998 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 003.jpg
[2011/02/01 13:34:16 | 000,664,576 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\MicrosoftFixit50602.msi
[2011/01/31 20:41:00 | 000,083,801 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\mideastm.jpg
[2011/01/30 13:56:23 | 000,058,753 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\freud-fear-of-weapons.jpg
[2011/01/27 23:51:05 | 001,346,612 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\pc-decrapifier-2.2.5.exe
[2011/01/27 22:52:36 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/27 22:52:36 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/01/27 21:31:42 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/27 21:26:57 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/01/27 21:26:15 | 000,001,716 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Microsoft Security Essentials.lnk
[2011/01/26 13:10:20 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Some women are just lucky.doc
[2011/01/26 10:21:53 | 000,002,561 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
[2011/01/25 20:48:56 | 000,076,273 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\prom-date.jpg
[2011/01/24 01:50:22 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prevx 3.0.lnk
[2011/01/18 03:31:34 | 000,012,756 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Tea Party MassacreFB.jpg
[2011/01/06 13:57:18 | 000,006,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/06 13:55:41 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/03/16 20:26:34 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\monFDE.log
[2010/02/18 13:59:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pt.dll
[2010/01/09 15:56:57 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/09 15:55:11 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/12/08 22:30:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dell\Application Data\monFDE.log
[2009/01/11 14:49:45 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/16 18:15:48 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/10/29 23:51:04 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/04/03 16:32:58 | 046,804,880 | ---- | C] () -- C:\Program Files\zlsSetup_70_470_000_en.exe
[2008/01/27 17:34:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/09/27 12:16:39 | 004,310,568 | ---- | C] () -- C:\Program Files\Garmin WebUpdater_241.exe
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/29 11:14:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/03/29 11:14:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/03/29 11:14:56 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/03/29 11:14:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/03/29 11:14:44 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/29 11:14:39 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/03/29 11:14:38 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/02/18 16:55:19 | 011,739,056 | ---- | C] () -- C:\Program Files\ndntenst.exe
[2007/01/17 12:43:06 | 001,067,016 | ---- | C] () -- C:\Program Files\advisor.exe
[2006/11/04 22:59:14 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\fusioncache.dat
[2006/02/03 03:19:48 | 000,015,404 | ---- | C] () -- C:\Program Files\spoofstick-firefox.xpi
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2004/08/02 15:35:54 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\tr98s2n61c.dll
[2004/03/08 08:01:21 | 002,674,213 | ---- | C] () -- C:\Program Files\aida32ne_393.exe
[2004/02/21 01:48:26 | 000,000,512 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2004/02/21 01:48:26 | 000,000,031 | ---- | C] () -- C:\WINDOWS\wisec.ini
[2004/02/21 01:48:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\WINTOYS.INI
[2004/02/21 01:48:25 | 000,271,264 | ---- | C] () -- C:\WINDOWS\VBRUN100.DLL
[2004/02/21 01:48:25 | 000,019,200 | ---- | C] () -- C:\WINDOWS\WEPUTIL.DLL
[2004/02/21 01:48:25 | 000,000,212 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/02/21 01:48:25 | 000,000,152 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/02/21 01:48:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/02/21 01:48:24 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2004/02/21 01:48:23 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingox.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo5c.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo2x.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo2.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo.INI
[2004/02/21 01:48:15 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Piggybak.ini
[2004/02/21 01:48:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\PBUpdate.ini
[2004/02/21 01:48:14 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2004/02/21 01:48:14 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/02/21 01:48:13 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2004/02/21 01:48:12 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2004/02/21 01:48:12 | 000,003,999 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2004/02/21 01:48:12 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/02/21 01:48:12 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2004/02/21 01:48:12 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/02/21 01:48:12 | 000,000,155 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2004/02/21 01:48:11 | 000,000,070 | ---- | C] () -- C:\WINDOWS\7532E836.ini
[2004/02/21 01:48:11 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/01/25 17:04:50 | 000,038,747 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/01/03 21:58:36 | 000,002,530 | ---- | C] () -- C:\WINDOWS\FiveCardFrenzy.ini
[2004/01/03 13:59:59 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll
[2004/01/03 07:01:48 | 000,000,075 | ---- | C] () -- C:\WINDOWS\USBBC.ini
[2004/01/03 07:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MDI.INI
[2004/01/02 10:07:20 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\gicscal.dll
[2004/01/02 10:07:20 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\ICSHLink.dll
[2004/01/02 10:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Calendar.INI
[2003/12/28 11:05:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PhotoFantasy.ini
[2003/12/28 11:04:37 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2003/12/26 14:18:40 | 000,000,054 | ---- | C] () -- C:\WINDOWS\autmtst.ini
[2003/12/26 11:14:30 | 000,068,100 | ---- | C] () -- C:\WINDOWS\System32\Cheetah2.DLL
[2003/12/26 10:01:15 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/11/22 04:03:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/11/22 04:02:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/11/22 03:53:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/11/22 03:37:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/11/22 03:26:54 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/10/11 23:32:13 | 000,000,174 | ---- | C] () -- C:\WINDOWS\System32\mcini.ini
[2003/10/11 23:13:05 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/03/27 14:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2002/09/18 16:10:08 | 000,001,305 | ---- | C] () -- C:\Program Files\Readme.txt
[2002/09/18 16:08:26 | 000,000,359 | ---- | C] () -- C:\Program Files\File_ID.DIZ
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/29 06:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_007354_.tmp.dll
[2002/08/29 06:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_007322_.tmp.dll
[2000/04/14 16:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1998/06/11 14:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1996/05/08 17:38:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2010/01/09 18:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/03/23 22:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/02/19 17:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/06/25 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/01/27 18:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/12/08 22:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2010/06/25 15:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2008/05/11 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2010/01/09 15:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/06/24 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/02/13 08:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2008/02/12 23:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2008/12/16 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/05/10 15:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/02/15 00:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/05/10 17:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/01/27 16:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2008/12/06 09:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/11/17 23:36:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/03/23 10:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/10/01 08:37:51 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2003/10/08 01:08:18 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
[2011/02/15 06:57:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/02/15 18:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2011/02/15 00:33:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2011/02/15 06:51:01 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/02/06 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

0

Your doing well for an "old timer" :) I'll let PhilliePhan complete this but it appears your registry might need some attention. System restore could fix it but as I say let Phillie take a look first.

Edited by mlm2gether: reviewed answer

0

Thanks for your encouraging words. It really isn't easy when the nomenclature gets reduced to code after code after code and a lot of people assume that you know what they're talking about -- and you're totally lost. I've run this same machine for 11 years and figured out how to solve any and all problems to date, but this one has me beating my head against the wall. I'll await further instructions from PhilliePhan.

0

I've run this same machine for 11 years and figured out how to solve any and all problems to date, but this one has me beating my head against the wall. I'll await further instructions from PhilliePhan.

I am going to need some time to run through the log - bit overextended at the moment.
With any luck, one of the other volunteers can chime in. If not, no worries - I will get back to you as soon as I am able.

-- Did you try a System Restore? Is that a viable option for you? Do you need help with that?
In cases such as this, it is usually a good place to start.

Hang in there :)
PP

0

If it's any consolation I had the same problem with Windows 7 up to a week ago when finally I found an answer. It was a registry problem which is what leads me to thinking there may be similarities. Took two weeks of searching but I got it. I too am a self directed learner so you are not alone. At least your in the right place.

0

Yes, I tried System Restore as one of my first efforts to cure the problem. I tried all of the available dates listed...to no avail.

0

Yes, I tried System Restore as one of my first efforts to cure the problem. I tried all of the available dates listed...to no avail.

Two quick questions:

-- What is this?
C:\Program Files\Soluto

-- Can you get a command prompt?
START > RUN > type CMD and hit Enter

0

Two quick questions:

-- What is this?
C:\Program Files\Soluto

A software pgm that monitored startup programs. I tried it; didn't like it and removed it.

-- Can you get a command prompt?
START > RUN > type CMD and hit Enter

Yes, I can get a CMD Prompt window open.

0

A software pgm that monitored startup programs. I tried it; didn't like it and removed it.

Looks like that left some damage in a critical part of the registry. Let's do this:

Open a command prompt and type or Copy&Paste the following:

REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V "Userinit" /D "C:\WINDOWS\system32\userinit.exe," /F

Then, hit Enter and then REBOOT your machine and let me know if that helped.

Probably best to copy&paste, if possible so there are no errors.

If you type it, be advised that there are spaces in the command and all the punctuation is necessary:

REG <space> ADD <space> "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" <space> /V <space> "Userinit" <space> /D <space> "C:\WINDOWS\system32\userinit.exe," <space> /F


Let me know how that all shakes out and if you had any problems along the way - I'll have to check back Wednesday evening EST.

Best Luck :)
PP

Edited by PhilliePhan: n/a

0

Looks like that left some damage in a critical part of the registry. Let's do this:

Open a command prompt and type or Copy&Paste the following:

REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V "Userinit" /D "C:\WINDOWS\system32\userinit.exe," /F

Then, hit Enter and then REBOOT your machine and let me know if that helped.

Nope. I did as instructed (C & P) and it was successful. On reboot, same problem.

I'm retired, so any time you can help, I'll be here. Thanks!

0

I would still do a backup of the registry before you do anything but you most likely would do that anyway.

0

I would still do a backup of the registry before you do anything but you most likely would do that anyway.

That is definitely something to consider if we do anything drastic there. ERUNT is a good tool for that.

I'm retired, so any time you can help, I'll be here. Thanks!

Great - these problems sometimes take a while to figure out. With any luck, we'll both learn something in the process :)

Open a command prompt and type:
assoc >>C:\log.txt ENTER

Please copy&paste the C:\log.txt for me.

Note: the command is assoc <space>>>C:\log.txt

Let's see what that says - I think I might be barking up the wrong tree, though.

-- Did you try changing the file associations via Folder Options > File Types Tab?

I'll check it tonight when I get home.

PP:)

Edited by PhilliePhan: n/a

0

"Open a command prompt and type:
assoc >>C:\log.txt ENTER"

I did the above and nothing happened. The cursor simply dropped down as though it wanted another command.

I looked at the Folder Option in the Control Panel but immediately became totally confused and got my butt out of there before I did more damage. We're talking about the file extensions for just about every Windows service and -- having NO knowledge of that -- I backed out.

0

ERUNT is on board and running.

So you were able to use it to backup the registry with no problems?

I did the above and nothing happened. The cursor simply dropped down as though it wanted another command.

Right - The log will be at C:\log.txt . Just navigate to that and post the Log.txt.

Actually, let's do this:
Fire up another command prompt and type or Copy&Paste the commands in red (being careful of the spaces if you type them):

REG QUERY "HKEY_CLASSES_ROOT\Exefile\Shell\Open" >>C:\Log.txt
Hit ENTER
REG QUERY "HKEY_CLASSES_ROOT\Exefile\Shell\Open\Command" >>C:\Log.txt
Hit ENTER
Notepad C:\Log.txt

Hit ENTER

This will add to the existing C:\log.txt and should pop the log right up for you - copy and paste the contents for me.
-- This is curious - the values look OK in the OTL log + you are able to run the programs, just not form those locations.

Hang in there :)
PP

0

Also, see if you can locate the OTL Extras Text log and post that for me - should be on the Desktop with OTL.exe
Perhaps in OTL Folder?

PP:)

Edited by PhilliePhan: n/a

0

OTL logfile created on: 2/15/2011 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Dell\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 40.17 Gb Free Space | 53.94% Space Free | Partition Type: NTFS

Computer Name: DELLHILL | User Name: Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
PRC - [2011/01/22 08:59:46 | 006,416,120 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe
PRC - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 09:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 09:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/12/03 14:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/03 14:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/15 15:05:25 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/08/30 08:25:04 | 000,025,976 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2008/04/17 03:33:14 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/30 16:43:58 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Hardware\Keyboard\type32.exe


========== Modules (SafeList) ==========

MOD - [2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SolutoService)
SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer)
SRV - File not found [Disabled | Stopped] -- -- (AOL TopSpeedMonitor)
SRV - File not found [Auto | Stopped] -- -- (AntiVirUpgradeService)
SRV - File not found [Auto | Stopped] -- -- (0254121294069036mcinstcleanup) McAfee Application Installer Cleanup (0254121294069036)
SRV - [2011/01/22 08:59:46 | 006,416,120 | ---- | M] (Prevx) [Auto | Running] -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner)
SRV - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 09:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/04/17 03:33:14 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/02/15 07:04:16 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1209F0C6-A8E6-4716-8786-4E7511A452F9}\MpKslb60d81a3.sys -- (MpKslb60d81a3)
DRV - [2011/01/22 08:59:47 | 000,076,696 | ---- | M] (Prevx) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pxrts.sys -- (pxrts)
DRV - [2011/01/22 08:59:47 | 000,032,008 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2011/01/22 08:59:46 | 000,026,096 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pxkbf.sys -- (pxkbf)
DRV - [2010/11/01 20:50:32 | 000,181,704 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\PCGenFAM.sys -- (PCGenFAM)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\psi_mf.sys -- (PSI)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdcmb.sys -- (nmwcd)
DRV - [2009/01/11 14:49:46 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/20 13:09:04 | 000,093,544 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/06 11:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/06/06 18:52:14 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2007/06/06 18:52:12 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2006/10/19 11:11:40 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gan_adapter.sys -- (hamachi_oem)
DRV - [2006/08/11 08:42:42 | 003,958,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/08/30 07:58:32 | 000,026,921 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2002/08/30 07:58:04 | 002,166,454 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2002/08/30 07:49:48 | 000,447,921 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52) Intel(R)
DRV - [2002/08/29 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS -- (NwlnkNb)
DRV - [2002/08/29 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS -- (NwlnkSpx)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.foxnews.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {6e098d65-7d2d-46d4-ada0-2f882a29f795}:0.2.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"

FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/30 14:56:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/06/24 21:13:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/22 21:18:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/27 23:14:46 | 000,000,000 | ---D | M]

[2008/06/17 17:26:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Extensions
[2011/02/15 19:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions
[2010/04/28 08:40:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/09 15:25:56 | 000,000,000 | ---D | M] (CHM Reader) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{6e098d65-7d2d-46d4-ada0-2f882a29f795}
[2010/02/19 11:12:12 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010/12/24 01:41:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/07/11 08:48:16 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\bettergmail2@ginatrapani(2).org
[2005/11/09 09:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\temp
[2008/08/07 14:09:29 | 000,002,432 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\google-windows-related-site-search.xml
[2008/08/07 14:09:18 | 000,002,011 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\support-alert.xml
[2008/08/07 14:09:08 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\windowssecretscom.xml
[2011/02/15 19:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/17 16:15:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/13 11:36:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/03 19:29:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/23 23:03:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/03/30 14:56:01 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/04/17 16:14:54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/06/24 21:13:28 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/03 19:47:44 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/06/14 10:10:36 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2010/11/20 04:37:49 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2011/02/12 00:13:14 | 000,430,398 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14818 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\SYSTEM32\PxSecure.dll (Prevx)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [IntelliType] C:\Program Files\Microsoft Hardware\Keyboard\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([fighterace] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([primary] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: myfoxdfw.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: nascar.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: redsox.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: shavlik.com ([it] https in Local intranet)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: stormofaces.com ([www] https in Trusted sites)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab (Reg Error: Value error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} Reg Error: Value error. (WUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38029.4850231481 (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup145.cab (Reg Error: Value error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:1 (Intelligent Desktop - intelligentdesktop.com) - http://active.intelligentdesktop.com/active/?18124967
O24 - Desktop WallPaper: C:\Documents and Settings\Dell\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dell\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{512fd52c-e472-11de-a3da-000cf1894cea}\Shell - "" = AutoRun
O33 - MountPoints2\{512fd52c-e472-11de-a3da-000cf1894cea}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (pgdfgsvc C 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/15 22:32:22 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
[2011/02/01 22:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\Application Data\Foxit Software
[2011/01/27 23:13:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/01/27 22:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\Local Settings\Application Data\Secunia PSI
[2011/01/27 22:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/01/27 21:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/26 10:21:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2011/01/25 02:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\My Documents\Carolyn
[2011/01/24 23:38:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/01/22 08:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prevx 3.0
[2011/01/22 08:59:48 | 000,071,880 | ---- | C] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/01/22 08:59:47 | 000,076,696 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/01/22 08:59:47 | 000,032,008 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/01/22 08:59:46 | 000,026,096 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/01/22 08:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Prevx
[2011/01/22 08:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2009/07/22 10:58:32 | 218,123,672 | ---- | C] (Microsoft Corporation) -- C:\Program Files\fsx_sp1_ENU.exe
[2008/01/29 00:07:04 | 005,152,645 | ---- | C] (WSI ) -- C:\Program Files\IntellicastDesktopSetup.exe
[2008/01/27 18:52:57 | 000,210,416 | ---- | C] (Check Point Software Technologies LTD) -- C:\Program Files\zaSetup_en.exe
[2007/07/11 00:24:22 | 005,388,088 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe
[2007/07/02 18:10:09 | 027,024,112 | ---- | C] (Microsoft Corporation) -- C:\Program Files\PowerPointViewer.exe
[2006/12/05 10:33:41 | 012,684,992 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp532_full_bundle_emusic-7plus.exe
[2006/10/03 02:15:25 | 000,243,512 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-1_5_0_06-windows-i586-p-iftw.exe
[2006/08/31 16:05:24 | 001,813,480 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msnsusii.exe
[2006/07/01 10:47:55 | 004,908,904 | ---- | C] (Google Inc.) -- C:\Program Files\picasa2Setup.exe
[2006/02/03 03:19:08 | 000,174,952 | ---- | C] (CoreStreet, Ltd.) -- C:\Program Files\spoofstick-ie.exe
[2004/01/20 11:48:18 | 016,706,160 | ---- | C] (Netopsystems AG) -- C:\Program Files\AdbeRdr60_enu_full.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
[2011/02/15 22:10:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/15 21:10:11 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\g8krz21g.exe
[2011/02/15 21:09:48 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\dds(2).scr
[2011/02/15 21:09:40 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\dds.scr
[2011/02/15 18:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/02/15 16:10:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/15 13:29:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/02/15 06:57:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/02/15 06:53:17 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/02/15 06:51:01 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/02/15 06:50:52 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011/02/15 06:50:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/02/15 00:33:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2011/02/12 11:32:16 | 000,007,460 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo2.jpg
[2011/02/12 11:15:14 | 000,013,280 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo.jpg
[2011/02/12 08:59:33 | 000,050,475 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\the maxwellian cheese dog.jpg
[2011/02/12 00:13:14 | 000,430,398 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2011/02/11 20:22:20 | 000,248,169 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\Carolyn Obit(2).jpg
[2011/02/11 15:00:01 | 000,019,067 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Arizona-Warning-Sign.jpg
[2011/02/09 10:00:35 | 000,283,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 09:58:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/06 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/02/06 11:52:07 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/06 11:27:00 | 000,592,760 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\HPIM2399.JPG
[2011/02/06 11:14:00 | 000,516,801 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\HPIM2400.JPG
[2011/02/04 21:30:30 | 000,019,896 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Buddy Holly and Tommy Allsup.jpg
[2011/02/04 16:07:06 | 000,094,760 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Katrina2005.jpg
[2011/02/01 13:34:20 | 000,664,576 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\MicrosoftFixit50602.msi
[2011/01/30 13:10:23 | 000,083,801 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\mideastm.jpg
[2011/01/29 23:35:06 | 000,058,753 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\freud-fear-of-weapons.jpg
[2011/01/28 02:29:46 | 000,429,737 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20110212-001314.backup
[2011/01/27 23:51:08 | 001,346,612 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\pc-decrapifier-2.2.5.exe
[2011/01/27 23:10:15 | 000,000,937 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2011/01/27 22:52:36 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/27 21:26:57 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/01/27 21:26:15 | 000,001,716 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\Microsoft Security Essentials.lnk
[2011/01/26 13:42:06 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Some women are just lucky.doc
[2011/01/26 13:24:22 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/01/26 10:22:53 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/01/25 17:00:54 | 000,076,273 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\prom-date.jpg
[2011/01/24 23:31:23 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2011/01/24 14:32:09 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\default-to-filext.exe
[2011/01/24 01:50:22 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prevx 3.0.lnk
[2011/01/23 00:22:52 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/22 21:18:03 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/22 21:18:03 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/22 08:59:48 | 000,071,880 | ---- | M] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/01/22 08:59:47 | 000,076,696 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/01/22 08:59:47 | 000,032,008 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/01/22 08:59:46 | 000,026,096 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/01/22 08:59:34 | 000,000,212 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/01/19 13:36:02 | 000,429,177 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20110128-022946.backup
[2011/01/17 15:03:50 | 000,012,756 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Tea Party MassacreFB.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/15 21:10:00 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\g8krz21g.exe
[2011/02/15 21:09:43 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\dds(2).scr
[2011/02/15 21:09:16 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\dds.scr
[2011/02/12 17:40:26 | 000,007,460 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo2.jpg
[2011/02/12 17:40:15 | 000,013,280 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo.jpg
[2011/02/12 17:40:05 | 000,050,475 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\the maxwellian cheese dog.jpg
[2011/02/12 00:08:32 | 000,019,067 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Arizona-Warning-Sign.jpg
[2011/02/11 20:22:19 | 000,248,169 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Carolyn Obit(2).jpg
[2011/02/06 11:53:14 | 003,390,035 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Men's Auxiliary Patch.jpg
[2011/02/06 11:53:03 | 000,516,801 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\HPIM2400.JPG
[2011/02/06 11:52:50 | 000,592,760 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\HPIM2399.JPG
[2011/02/05 02:48:55 | 000,094,760 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Katrina2005.jpg
[2011/02/05 02:48:47 | 000,019,896 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Buddy Holly and Tommy Allsup.jpg
[2011/02/02 20:53:06 | 000,118,680 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 001.jpg
[2011/02/02 20:52:59 | 000,192,438 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 004.jpg
[2011/02/02 20:52:54 | 000,182,998 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 003.jpg
[2011/02/01 13:34:16 | 000,664,576 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\MicrosoftFixit50602.msi
[2011/01/31 20:41:00 | 000,083,801 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\mideastm.jpg
[2011/01/30 13:56:23 | 000,058,753 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\freud-fear-of-weapons.jpg
[2011/01/27 23:51:05 | 001,346,612 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\pc-decrapifier-2.2.5.exe
[2011/01/27 22:52:36 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/27 22:52:36 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/01/27 21:31:42 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/27 21:26:57 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/01/27 21:26:15 | 000,001,716 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Microsoft Security Essentials.lnk
[2011/01/26 13:10:20 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Some women are just lucky.doc
[2011/01/26 10:21:53 | 000,002,561 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
[2011/01/25 20:48:56 | 000,076,273 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\prom-date.jpg
[2011/01/24 01:50:22 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prevx 3.0.lnk
[2011/01/18 03:31:34 | 000,012,756 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Tea Party MassacreFB.jpg
[2011/01/06 13:57:18 | 000,006,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/06 13:55:41 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/03/16 20:26:34 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\monFDE.log
[2010/02/18 13:59:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pt.dll
[2010/01/09 15:56:57 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/09 15:55:11 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/12/08 22:30:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dell\Application Data\monFDE.log
[2009/01/11 14:49:45 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/16 18:15:48 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/10/29 23:51:04 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/04/03 16:32:58 | 046,804,880 | ---- | C] () -- C:\Program Files\zlsSetup_70_470_000_en.exe
[2008/01/27 17:34:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/09/27 12:16:39 | 004,310,568 | ---- | C] () -- C:\Program Files\Garmin WebUpdater_241.exe
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/29 11:14:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/03/29 11:14:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/03/29 11:14:56 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/03/29 11:14:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/03/29 11:14:44 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/29 11:14:39 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/03/29 11:14:38 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/02/18 16:55:19 | 011,739,056 | ---- | C] () -- C:\Program Files\ndntenst.exe
[2007/01/17 12:43:06 | 001,067,016 | ---- | C] () -- C:\Program Files\advisor.exe
[2006/11/04 22:59:14 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\fusioncache.dat
[2006/02/03 03:19:48 | 000,015,404 | ---- | C] () -- C:\Program Files\spoofstick-firefox.xpi
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2004/08/02 15:35:54 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\tr98s2n61c.dll
[2004/03/08 08:01:21 | 002,674,213 | ---- | C] () -- C:\Program Files\aida32ne_393.exe
[2004/02/21 01:48:26 | 000,000,512 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2004/02/21 01:48:26 | 000,000,031 | ---- | C] () -- C:\WINDOWS\wisec.ini
[2004/02/21 01:48:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\WINTOYS.INI
[2004/02/21 01:48:25 | 000,271,264 | ---- | C] () -- C:\WINDOWS\VBRUN100.DLL
[2004/02/21 01:48:25 | 000,019,200 | ---- | C] () -- C:\WINDOWS\WEPUTIL.DLL
[2004/02/21 01:48:25 | 000,000,212 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/02/21 01:48:25 | 000,000,152 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/02/21 01:48:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/02/21 01:48:24 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2004/02/21 01:48:23 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingox.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo5c.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo2x.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo2.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo.INI
[2004/02/21 01:48:15 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Piggybak.ini
[2004/02/21 01:48:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\PBUpdate.ini
[2004/02/21 01:48:14 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2004/02/21 01:48:14 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/02/21 01:48:13 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2004/02/21 01:48:12 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2004/02/21 01:48:12 | 000,003,999 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2004/02/21 01:48:12 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/02/21 01:48:12 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2004/02/21 01:48:12 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/02/21 01:48:12 | 000,000,155 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2004/02/21 01:48:11 | 000,000,070 | ---- | C] () -- C:\WINDOWS\7532E836.ini
[2004/02/21 01:48:11 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/01/25 17:04:50 | 000,038,747 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/01/03 21:58:36 | 000,002,530 | ---- | C] () -- C:\WINDOWS\FiveCardFrenzy.ini
[2004/01/03 13:59:59 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll
[2004/01/03 07:01:48 | 000,000,075 | ---- | C] () -- C:\WINDOWS\USBBC.ini
[2004/01/03 07:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MDI.INI
[2004/01/02 10:07:20 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\gicscal.dll
[2004/01/02 10:07:20 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\ICSHLink.dll
[2004/01/02 10:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Calendar.INI
[2003/12/28 11:05:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PhotoFantasy.ini
[2003/12/28 11:04:37 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2003/12/26 14:18:40 | 000,000,054 | ---- | C] () -- C:\WINDOWS\autmtst.ini
[2003/12/26 11:14:30 | 000,068,100 | ---- | C] () -- C:\WINDOWS\System32\Cheetah2.DLL
[2003/12/26 10:01:15 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/11/22 04:03:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/11/22 04:02:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/11/22 03:53:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/11/22 03:37:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/11/22 03:26:54 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/10/11 23:32:13 | 000,000,174 | ---- | C] () -- C:\WINDOWS\System32\mcini.ini
[2003/10/11 23:13:05 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/03/27 14:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2002/09/18 16:10:08 | 000,001,305 | ---- | C] () -- C:\Program Files\Readme.txt
[2002/09/18 16:08:26 | 000,000,359 | ---- | C] () -- C:\Program Files\File_ID.DIZ
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/29 06:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_007354_.tmp.dll
[2002/08/29 06:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_007322_.tmp.dll
[2000/04/14 16:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1998/06/11 14:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1996/05/08 17:38:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2010/01/09 18:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/03/23 22:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/02/19 17:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/06/25 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/01/27 18:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/12/08 22:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2010/06/25 15:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2008/05/11 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2010/01/09 15:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/06/24 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/02/13 08:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2008/02/12 23:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2008/12/16 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/05/10 15:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/02/15 00:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/05/10 17:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/01/27 16:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2008/12/06 09:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/11/17 23:36:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/03/23 10:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/10/01 08:37:51 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2003/10/08 01:08:18 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
[2011/02/15 06:57:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/02/15 18:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2011/02/15 00:33:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2011/02/15 06:51:01 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/02/06 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

0

OTL Extras logfile created on: 2/15/2011 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Dell\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 40.17 Gb Free Space | 53.94% Space Free | Partition Type: NTFS

Computer Name: DELLHILL | User Name: Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Classes\<extension>]
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger
"C:\Program Files\America Online 9.0d Kandi\waol.exe" = C:\Program Files\America Online 9.0d Kandi\waol.exe:*:Enabled:AOL
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0e\waol.exe" = C:\Program Files\America Online 9.0e\waol.exe:*:Enabled:AOL
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0775E689-1C51-C3BE-52A3-72CDC8E38A22}" = Catalyst Control Center Localization Spanish
"{0928B2C5-0B16-C2FB-7BAE-A25901414687}" = ATI Catalyst Install Manager
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0E73E784-CDF1-6B51-A600-9AD8F88C1B16}" = Catalyst Control Center Graphics Full New
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{218D600B-5346-DD4A-9ACB-B9F923B3047C}" = CCC Help Spanish
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{25EF00C6-F17B-11D6-88EA-000476CD2443}" =
"{25EF00D1-F17B-11D6-88EA-000476CD2443}" =
"{25EF03DA-F17B-11D6-88EA-000476CD2443}" =
"{26A24AE4-039D-4CA4-87B4-2F83216011FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216013FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216014FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216015FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216016FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216017FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216018FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83216021FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216022FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216023FB}" =
"{2CC3E950-A475-89F4-72FF-8816584AAF24}" = ccc-core-static
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3BE45361-42C4-67A2-3D75-0582196F94A9}" = CCC Help German
"{4220E523-EDE1-449F-83F5-8267D20E1ED0}" = Maxtor Manager
"{427A666A-9041-98C0-0F69-98AB5F85389C}" = CCC Help French
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47ECB510-75DC-BE34-EA3D-695DB6BA7474}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{5088BB51-6385-B8D6-DC30-F72CADDBF2F0}" = ccc-core-preinstall
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}" = Form Fill (Windows Live Toolbar)
"{55BDDA33-74BC-D427-1957-D1481A69764B}" = Catalyst Control Center Graphics Previews Common
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5FA4690C-1975-4F94-9A64-274F29BD9221}" = Microsoft Baseline Security Analyzer 1.2
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66A7A386-6F35-41A7-A731-101F0C0153C8}" = Popup Blocker (Windows Live Toolbar)
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6CEE13FC-AE68-C217-8C6B-125827747147}" = Catalyst Control Center Localization German
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E7B3F5-CFAF-4C1E-B494-528E28707937}" =
"{73568F76-7A37-9DB4-73B1-11DCF1A2FC52}" = FOX News Live
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86B879A5-927E-4536-B5FC-17CA96B60078}" = Garmin Communicator Plugin
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B79DCB0-AAD7-456B-8D07-433C936FA24B}" = DS21Patch
"{9DE006A5-B384-4EDE-A760-0F217136B9EA}" = Microsoft IntelliType Pro 2.2
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB300003" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB960043" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB975195" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976570" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578v2" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769v2" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354v2" =
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A7D142EE-C5B3-CFD4-D639-DBDFFFD51BAF}" = Skins
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B9BB0074-7D77-1AC4-4EF9-6A1EF413C629}" = Catalyst Control Center Graphics Light
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB8B979E-E336-47E7-96BC-1031C1B94561}" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2418241" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB971111" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976569" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976576" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976765v2" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB979909" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB980773" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB983583" =
"{C0C5F7D6-EBC1-0922-9E35-B0141AD9256D}" = Catalyst Control Center Localization French
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" =
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003" =
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043" =
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1" = Uniblue SystemTweaker
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E2959758-6CC4-6E65-3411-4ECCCC2C07E1}" = Catalyst Control Center Core Implementation
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E7ABF695-25EF-20C6-FEB6-53C46C605C68}" = ccc-utility
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F64306A5-4C32-41bb-B153-53986527FAB4}" =
"{F652D238-5F29-42D5-BAF3-0115EF977EC2}" = Windows Live Sign-in Assistant
"{F75E3360-36CA-FAA3-956F-245DB63BDD7A}" = Catalyst Control Center Graphics Full Existing
"{FA2CCFC8-46AE-BE98-9BE6-9FFFF047F693}" = CCC Help Chinese Standard
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"{FD8D55C1-8AB7-BAE9-5412-5D09A853E896}" = CCC Help English
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows Driver Package - Nokia Modem (06/09/2010 4.5)
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Abacast Client" =
"ACDSee" =
"Aces High II" =
"Acoustica Audio Converter Pro" =
"Acoustica Beatcraft" =
"Acoustica CD/DVD Label Maker" =
"Acoustica Effects Pack" =
"Acoustica MP3 CD Burner" =
"AddressBook" =
"Adobe AIR" = Adobe AIR
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" =
"AIDA32_is1" = AIDA32 v3.93
"AIMToolbar" =
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Deskbar" =
"AOL Toolbar" =
"ATI Display Driver" = ATI Display Driver
"BackWeb-8876480 Uninstaller" =
"Belarc Advisor" = Belarc Advisor 8.1
"Belarc Advisor 2.0" =
"BIMP1.32" = Batch Image Processor (BIMP) 1.32
"Branding" =
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" =
"Connection Manager" =
"DirectAnimation" =
"DirectDrawEx" =
"DXM_Runtime" =
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.7)
"Fontcore" =
"Foxit Reader" = Foxit Reader
"FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1" = FOX News Live Stream
"GMailFS" = GMail Drive Shell Extension
"Google Updater" = Google Updater
"ICW" =
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE40" =
"IE4Data" =
"IE4Dev" = Microsoft Script Debugger
"IE5BAKEX" =
"ie7" =
"ie8" = Windows Internet Explorer 8
"IEData" =
"ieSpell" = ieSpell
"InstallShield Uninstall Information" =
"InstallShield_{4220E523-EDE1-449F-83F5-8267D20E1ED0}" = Maxtor Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.5 Standard
"Logitech Print Service" =
"MailFrontier Desktop" =
"McAfee.com Privacy Service" =
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" =
"Microsoft .NET Framework 3.0" =
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Interactive Training" =
"Microsoft Security Client" = Microsoft Security Essentials
"MobileOptionPack" =
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MPlayer2" =
"MRU-Blaster_is1" = MRU-Blaster v1.5 (Database 7/19/2003)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MsJavaVM" =
"NetMeeting" =
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OutlookExpress" =
"PC Pitstop Optimize_is1" = PC Pitstop Optimize 1.5
"PCHealth" =
"PCSI" = Prevx
"Picasa 3" = Picasa 3
"PPTView97" = Microsoft PowerPoint Viewer 97
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"Revo Uninstaller" = Revo Uninstaller 1.91
"RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" =
"SchedulingAgent" =
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"Shockwave" =
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" =
"SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" =
"Trojan Remover_is1" = Trojan Remover 6.8.2
"Uninstall_is1" = Uninstall 1.0.0.1
"Verizon Online Help and Support" =
"Wdf01000" =
"Wdf01001" =
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" =
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Connect" =
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMCSetup" =
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Applications" =

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/7/2011 4:00:47 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/8/2011 9:15:37 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/9/2011 10:52:02 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/9/2011 10:56:48 AM | Computer Name = DELLHILL | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80240016, P2 begininstall, P3 install, P4
3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 2/10/2011 7:31:13 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/11/2011 4:00:54 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/12/2011 8:15:50 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/13/2011 4:01:27 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/14/2011 4:00:42 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

Error - 2/15/2011 7:53:57 AM | Computer Name = DELLHILL | Source = NativeWrapper | ID = 5000
Description =

[ System Events ]
Error - 2/13/2011 1:28:54 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCGenFAM

Error - 2/13/2011 4:02:07 AM | Computer Name = DELLHILL | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447).

Error - 2/14/2011 4:00:58 AM | Computer Name = DELLHILL | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447).

Error - 2/14/2011 11:32:17 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7000
Description = The Avira Upgrade Service service failed to start due to the following
error: %%3

Error - 2/14/2011 11:32:17 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7000
Description = The Soluto PCGenome Core Service service failed to start due to the
following error: %%3

Error - 2/14/2011 11:32:21 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCGenFAM

Error - 2/15/2011 7:52:10 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7000
Description = The Avira Upgrade Service service failed to start due to the following
error: %%3

Error - 2/15/2011 7:52:10 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7000
Description = The Soluto PCGenome Core Service service failed to start due to the
following error: %%3

Error - 2/15/2011 7:52:10 AM | Computer Name = DELLHILL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCGenFAM

Error - 2/15/2011 7:54:21 AM | Computer Name = DELLHILL | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447).


< End of report >

0

OK - this ought to be easier:

Download the attached PEEK.txt and save it to the desktop
-- RightClick it and rename it to PEEK.bat
-- DoubleClick on PEEK.bat to run it.
A log will pop up - please post that for me. Let me know if you run into any problems with this.

PP:)

Edited by PhilliePhan: Clarification

Attachments
@ECHO OFF

REG QUERY "HKEY_CLASSES_ROOT\Exefile\Shell\Open\Command" | FIND /I /V "Version"				>>%systemdrive%\Peek.txt
REG QUERY "HKEY_CLASSES_ROOT\Exefile\Shell\Open" | FIND /I /V "Version" 				>>%systemdrive%\Peek.txt
REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\folder\shell\open\command" | FIND /I /V "Version" 	>>%systemdrive%\Peek.txt
REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\folder\shell\explore\command" | FIND /I /V "Version" 	>>%systemdrive%\Peek.txt
REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\drive\shell\find\command" | FIND /I /V "Version" 	>>%systemdrive%\Peek.txt

ASSOC 													>>%systemdrive%\Peek.txt

NOTEPAD %systemdrive%\Peek.txt
DEL /Q %systemdrive%\Peek.txt
0

That's the content of the text file. :)

Try it again - Click on the PEEK.txt attachment and choose "Save File" and save it to the desktop.
-- As you save it, where it says "File Name," change PEEK.txt to PEEK.bat
Or, you can save it to the desktop as PEEK.txt and then change the name.

Then, once PEEK.bat is on the desktop, DoubleClick it to run it and produce the log.

Hang in there - we'll get it!

0

Then, once PEEK.bat is on the desktop, DoubleClick it to run it and produce the log.

I get exactly the same results as the first try.

0

I get exactly the same results as the first try.

Hmmm - that could be a symptom of the overlying problem.

Let's do this just to be sure:
Download the attached PEEK.zip and extract PEEK.bat from the zip to the desktop.
Run PEEK.bat and see if the log pops up and we'll go from there.

-- Even if that doesn't work, I think I'll go ahead and put together a "fix" for what I expect the log to show.

PP:)

Attachments
0

I got two message. One in the DOS box that said "The system was unable to find the specified registry key or value".

The other box that opened contained this:

HKEY_CLASSES_ROOT\Exefile\Shell\Open\Command
<NO NAME> REG_SZ "%1" %*


HKEY_CLASSES_ROOT\Exefile\Shell\Open
EditFlags REG_BINARY 00000000

HKEY_CLASSES_ROOT\Exefile\Shell\Open\command
.323=h323file
.386=vxdfile
.3g2=QuickTime.3g2
.3gp=QuickTime.3gp
.3gp2=QuickTime.3gp2
.3gpp=QuickTime.3gpp
.7z=
.a=
.aa=MSAudible
.aac=QuickTime.aac
.ac3=QuickTime.ac3
.aca=Agent.Character.2
.accdt=
.ace=WinRAR
.acf=Agent.Character.2
.acg=Agent.Preview.2
.acl=ACLFile
.acs=Agent.Character2.2
.acw=acwfile
.ADE=
.ADP=
.adts=QuickTime.adts
.aif=QuickTime.aif
.aifc=QuickTime.aifc
.aiff=QuickTime.aiff
.air=AIR.InstallerPackage
.amc=QuickTime.amc
.AMR=
.ani=anifile
.ans=
.aolaam=wsc.AAMMimeHandler
.apl=ACD.PlugIn
.application=Application.Manifest
.appref-ms=Application.Reference
.aps=
.ARC=WinZip
.arj=WinRAR
.ART=
.asa=aspfile
.asc=
.ascx=
.asf=ASFFile
.asm=
.asp=aspfile
.aspx=
.asx=ASXFile
.au=AUFile
.AudioCD=AudioCD
.avgdi=AvgDiagFile
.avgdx=AvgDiagExFile
.avi=avifile
.aw=AWFile
.B64=WinZip
.BAS=
.bat=batfile
.bcf=Belarc.Content.Filter
.bci=Belarc.Computer.Inventory
.bcp=
.bfc=Briefcase
.BHX=WinZip
.bin=
.bkf=msbackupfile
.blg=PerfFile
.bmp=Paint.Picture
.bms=bmsfile
.bpp=MMJB.BPP
.bsc=
.bwf=
.bz=WinZip
.bz2=WinZip
.c=
.cab=CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
.caf=QuickTime.caf
.cat=CATFile
.cbo=MITrain.Document
.cc=
.cda=CDAFile
.cdda=QuickTime.cdda
.cdf=ChannelFile
.cdx=aspfile
.cel=
.cer=CERFile
.cgm=
.chk=chkfile
.chm=chm.file
.cil=ClipGalleryDownloadPackage
.clp=clpfile
.cls=
.cmd=cmdfile
.cnf=ConferenceLink
.cod=
.col=COLFile
.com=comfile
.compositefont=Windows.CompositeFont
.cpl=cplfile
.cpp=
.cr2=PaintShopProStudio1.Image
.crd=Microsoft.InformationCard
.crds=Microsoft.WindowsCardSpaceBackup
.crl=CRLFile
.crt=CERFile
.crtx=CRTXFile
.crw=PaintShopProStudio1.Image
.cs=
.csa=
.css=CSSfile
.CTT=MessengerContactList
.cur=curfile
.cxx=
.czip=
.db=dbfile
.dbg=
.dbs=
.DBX=
.dcr=PaintShopProStudio1.Image
.dcs=dcsfile
.dct=
.def=
.der=CERFile
.DeskLink=CLSID\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
.dib=Paint.Picture
.dic=txtfile
.dif=QuickTime.dif
.dir=
.disabled=SpybotSD.DisabledFile
.divx=divxfile
.dll=dllfile
.dl_=
.doc=Word.Document.8
.dochtml=wordhtmlfile
.docm=
.docx=
.dos=
.dot=Word.Template.8
.dothtml=wordhtmltemplate
.dotm=
.dotx=
.drv=drvfile
.dsn=MSDASQL
.dsp=
.dss=dssfile
.dsw=
.dun=dunfile
.dv=QuickTime.dv
.dvd=DVD
.dvr-ms=WMP.DVR-MSFile
.dwfx=XPSViewer.Document
.dxr=
.ear=
.ebo=eBookEBO
.ecmd=Eyetide.CommandFile
.ecs=ecsfile
.elm=ELMFile
.emf=emffile
.eml=Microsoft Internet Mail Message
.emm=MMJB.EMM
.emz=emz_auto_file
.eps=
.eta=Google Earth.etafile
.etp=
.exc=txtfile
.exe=exefile
.exp=
.ext=
.ex_=
.eyb=
.faq=
.fcs=fcsfile
.fdf=FoxitReader.FDFDoc
.ffa=FFAFile
.ffl=FFLFile
.fft=FFTFile
.ffx=FFXFile
.fky=
.flc=
.fli=
.fls=MSAudible
.fnd=fndfile
.fnt=
.Folder=Folder
.fon=fonfile
.gcsx=GCSXFile
.gg=GoogleGadget
.ggc=GoogleGadgetContainer
.ghi=
.gif=giffile
.glox=GLOXFile
.GMailFS=CLSID\{2B3453E4-49DF-11D3-8229-0080BE509055}
.gmanifest=GoogleGadgetManifest
.gqsx=GQSXFile
.gra=MSGraph.Chart.8
.grp=MSProgramGroup
.gsm=QuickTime.gsm
.gz=WinZip
.h=
.hhc=
.hlp=hlpfile
.hpp=
.hqx=WinZip
.ht=htfile
.hta=htafile
.htc=
.htm=htmlfile
.html=htmlfile
.htt=HTTfile
.htw=
.htx=
.hxx=
.i=
.ibq=
.icc=icmfile
.icm=icmfile
.ico=icofile
.idb=
.idl=
.idq=
.iii=iiifile
.ilk=
.imc=
.inc=
.inf=inffile
.ini=inifile
.inl=
.ins=x-internet-signup
.inv=
.inx=
.in_=
.iso=WinRAR
.isp=x-internet-signup
.its=ITS File
.IVF=IVFFile
.ivr=ivrfile
.jar=jarfile
.jav=
.java=
.jbf=
.jfif=pjpegfile
.jnlp=JNLPFile
.jnt=jntfile
.job=JobObject
.jod=Microsoft.Jet.OLEDB.4.0
.jp2=
.jpe=jpegfile
.jpeg=jpegfile
.jpg=jpegfile
.js=JSFile
.JSE=JSEFile
.jtp=jtpfile
.jtx=XPSViewer.Document
.kar=
.kci=
.key=regfile
.latex=
.lex=LEXFile
.lgn=
.lha=WinZip
.lib=
.lit=eBook
.lml=lml_auto_file
.lnk=lnkfile
.log=txtfile
.lst=
.lwv=LWVFile
.lzh=WinZip
.m14=
.m15=
.m1a=
.m1s=
.m1v=mpegfile
.m2v=mpegfile
.m3u=m3ufile
.m3u8=
.m3url=
.m4a=QuickTime.m4a
.m4b=QuickTime.m4b
.m4p=QuickTime.m4p
.m4v=QuickTime.m4v
.m75=
.mac=QuickTime.mac
.mak=
.map=
.MAPIMail=CLSID\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
.MDA=
.mdb=
.MDE=
.mdi=MSPaper.Document
.MDZ=
.meo=meofile
.mfp=MacromediaFlashPaper.MacromediaFlashPaper
.mht=mhtmlfile
.mhtml=mhtmlfile
.mid=midfile
.midi=midfile
.MIM=WinZip
.mk=
.mmc=MediaCatalog
.mmf=
.mmjb_mime=MMJB.MMJB_MIME
.mmm=MPlayer
.MMS=PCSuiteMessagesView
.mmz=MMJB.MMZ
.mnd=RealPlayer.MND.6
.mns=RealPlayer.MNS.6
.mod=mpegfile
.moh=mohfile
.mov=QuickTime.mov
.movie=
.mp2=mpegfile
.mp2v=mpegfile
.mp3=mp3file
.mp4=QuickTime.mp4
.mpa=mpegfile
.mpdp=mpdpfile
.mpe=mpegfile
.mpeg=mpegfile
.mpg=mpegfile
.mpm=
.mps=RealPlayer.MPEG.6
.mpv=DBC.MPEG.1
.mpv2=mpegfile
.mqv=QuickTime.mqv
.mrw=PaintShopProStudio1.Image
.msc=MSCFile
.msg=
.msi=Msi.Package
.msp=Msi.Patch
.MsRcIncident=MsRcIncident
.msstyles=msstylesfile
.MST=
.MSWMM=Windows.Movie.Maker
.mv=
.mydocs=CLSID\{ECF03A32-103D-11d2-854D-006008059367}
.n-gage=Nokia.ApplicationInstaller
.nbu=Nokia.ContentCopier
.ncb=
.NCH=
.ncs=ncsfile
.nef=PaintShopProStudio1.Image
.nfc=Nokia.ContentCopier
.nfo=MSInfo.Document
.NMW=T126_Whiteboard
.nws=Microsoft Internet News Message
.obj=
.ocx=ocxfile
.oc_=
.odc=
.odh=
.odl=
.opc=OPCFile
.opx=OrgPlusWOPX.4
.orf=PaintShopProStudio1.Image
.otf=otffile
.p10=P10File
.p12=PFXFile
.p7b=SPCFile
.p7c=certificate_wab_auto_file
.p7m=P7MFile
.p7r=SPCFile
.p7s=P7SFile
.pak=
.pbk=pbkfile
.PCD=
.pch=
.PCT=QuickTime.pct
.pdb=
.pdf=FoxitReader.Document
.pds=
.pef=PaintShopProStudio1.Image
.pfm=pfmfile
.pfx=PFXFile
.pic=QuickTime.pic
.PICT=QuickTime.pict
.pif=piffile
.pip=PIPFile
.pko=PKOFile
.pl=
.plist=QuickTimePreferences
.pls=
.pma=PerfFile
.pmc=PerfFile
.pml=PerfFile
.pmr=PerfFile
.pmw=PerfFile
.pnf=pnffile
.png=pngfile
.pnt=QuickTime.pnt
.pntg=QuickTime.pntg
.pot=PowerPointViewer.Template.11
.potm=PowerPointViewer.TemplateMacroEnabled.12
.potx=PowerPointViewer.Template.12
.ppam=
.ppi=ppifile
.pps=PowerPointViewer.SlideShow.11
.ppsm=PowerPointViewer.SlideShowMacroEnabled.12
.ppsx=PowerPointViewer.SlideShow.12
.ppt=PowerPointViewer.Show.11
.pptm=PowerPointViewer.ShowMacroEnabled.12
.pptx=PowerPointViewer.Show.12
.prc=
.PRF=prffile
.psd=
.psw=PSWFile
.qcp=
.qdat=QuickTimeInstallCache
.qds=SavedDsQuery
.qht=QuickTime.qht
.qhtm=QuickTime.qhtm
.qpa=QuickTimePlayerAddition
.qpx=QuickTimePlayerExtension
.qt=QuickTime.qt
.qti=QuickTime.qti
.qtif=QuickTime.qtif
.qtl=QuickTime.qtl
.qtp=QuickTimePreferences
.qtr=QuickTimeResources
.qts=QuickTimeSystem
.qtx=QuickTimeExtension
.qup=QuickTime.qup
.r00=WinRAR
.r01=WinRAR
.r02=WinRAR
.r03=WinRAR
.r04=WinRAR
.r05=WinRAR
.r06=WinRAR
.r07=WinRAR
.r08=WinRAR
.r09=WinRAR
.r10=WinRAR
.r11=WinRAR
.r12=WinRAR
.r13=WinRAR
.r14=WinRAR
.r15=WinRAR
.r16=WinRAR
.r17=WinRAR
.r18=WinRAR
.r19=WinRAR
.r20=WinRAR
.r21=WinRAR
.r22=WinRAR
.r23=WinRAR
.r24=WinRAR
.r25=WinRAR
.r26=WinRAR
.r27=WinRAR
.r28=WinRAR
.r29=WinRAR
.r3t=RealPlayer.R3T.6
.raf=PaintShopProStudio1.Image
.rar=WinZip
.rat=ratfile
.rc=
.rc2=
.rct=
.RDP=RDP.File
.reg=regfile
.rels=xmlfile
.res=
.rev=WinRAR.REV
.rf=RealPlayer.Flash.6
.rgb=
.rgs=
.rle=
.rmi=midfile
.rnk=rnkfile
.rnx=RealPlayer.RP.6
.rpc=
.rpl=RealPlayer.RPL.6
.rsp=
.rtf=Word.RTF.8
.rts=
.rtsp=
.rtx=txtfile
.rul=
.s=
.sam=
.sbe=SpybotSD.SBEFile
.sbi=SpybotSD.SBIFile
.sbr=
.sbs=SpybotSD.SBSFile
.sc=MMJB.SC
.sc9=Suitcase.Document
.scc=
.scf=SHCmdFile
.scp=txtfile
.scr=scrfile
.sct=scriptletfile
.sd2=QuickTime.sd2
.sdb=appfixfile
.sdp=QuickTime.sdp
.sdv=
.sgi=
.sha=MITrain.Document2
.shb=DocShortcut
.shs=ShellScrap
.shtm=
.shtml=shtmlfile
.shw=
.SIS=Nokia.ApplicationInstaller
.SISX=Nokia.ApplicationInstaller
.sit=
.sldm=
.sldx=
.smf=
.smi=
.smil=
.sml=
.snd=AUFile
.sol=
.sor=
.spc=SPCFile
.spl=ShockwaveFlash.ShockwaveFlash
.sql=
.srf=
.sr_=
.sst=CertificateStoreFile
.stf=STFFile
.stl=STLFile
.stm=
.swa=
.swf=ShockwaveFlash.ShockwaveFlash
.sym=
.sys=sysfile
.sy_=
.tab=
.tar=WinZip
.targa=
.TAZ=WinZip
.tbz=WinZip
.tbz2=WinZip
.tcs=tcsfile
.tdl=
.tga=
.tgz=WinZip
.theme=themefile
.thmx=
.tif=TIFImage.Document
.tiff=TIFImage.Document
.tlb=
.tlh=
.tli=
.tnfo=SpybotSD.TInfoFile
.trg=
.tsp=
.ttc=ttcfile
.ttf=ttffile
.tuw=TUWFile
.tvp=nView.Profile
.txt=txtfile
.TZ=WinZip
.udf=
.UDL=MSDASC
.udt=
.uls=ulsfile
.ulw=
.url=InternetShortcut
.user=
.usr=
.uti=SpybotSD.UTIFile
.uts=SpybotSD.UTSFile
.uu=WinZip
.uue=WinZip
.VB=
.VBE=VBEFile
.vbs=VBSFile
.vbx=
.vcf=vcard_wab_auto_file
.vcproj=
.vfw=
.viw=
.VMG=PCSuiteMessagesView
.vpg=RichFX.VPG.1
.vr1=
.vspscc=
.vsscc=
.vssscc=
.vxd=vxdfile
.wab=wab_auto_file
.war=
.wav=soundrec
.wave=
.wax=WAXFile
.wb2=
.wbc=Webshots.Collection
.wbk=Word.Backup.8
.wbp=Webshots.Collection
.wbz=Webshots.Extension
.wcs=wcsfile
.wdp=wdpfile
.webpnp=webpnpFile
.wgz=Nokia.ApplicationInstaller
.WHT=Whiteboard
.wiz=Word.Wizard.8
.wjf=WinZip.JobFile
.wk4=
.wll=Word.Addin.8
.wlt=
.wm=ASFFile
.wma=WMAFile
.wmd=WMDFile
.wmdb=WMP.WMDBFile
.wmf=wmffile
.wmp=WMPFile
.wms=WMSFile
.wmv=WMVFile
.wmx=ASXFile
.wmz=WMZFile
.wpd=
.wpg=
.wpl=WPLFile
.wri=wrifile
.wsc=scriptletfile
.WSF=WSFFile
.WSH=WSHFile
.wsz=
.wtx=txtfile
.wvx=WVXFile
.wzmul=WinZip.RegFile
.xaml=Windows.XamlDocument
.xbap=Windows.Xbap
.xht=xhtfile
.xhtml=xhtmlfile
.xix=
.xlam=
.xlsb=
.xlsm=
.xlsx=
.xltm=
.xltx=
.xml=xmlfile
.xps=XPSViewer.Document
.xsd=
.xsl=xslfile
.xslt=
.xxe=WinZip
.xxx=Stitch
.ybm=ybmfile
.z=WinZip
.z96=
.zap=zapfile
.ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
.zip=CompressedFolder
.zna=Zinio.Annotation
.zno=Zinio.Magazine

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.