I followed all directions under the cleaning guide with the exception of RootRepeal...I followed all instructions but once the scan started my screen went black with a blue bar at the bottom and said to contact my technical support team for assistance and froze. As for running an antivirus software, I ran my trendmicro and it found nothing..I then downloaded and ran Avira AntiVir and it removed 6 detections. I basically just want to make sure our family computer is clean. Thanks for any help!
Malwarebytes' Anti-Malware 1.39
Database version: 2423
Windows 6.0.6002 Service Pack 2
9/17/2009 12:11:43 PM
mbam-log-2009-09-17 (12-11-43).txt
Scan type: Quick Scan
Objects scanned: 79622
Time elapsed: 8 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 9/17/2009 12:50:02 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 90.15% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.84 Gb Total Space | 150.58 Gb Free Space | 67.57% Space Free | Partition Type: NTFS
Drive D: | 10.04 Gb Total Space | 1.75 Gb Free Space | 17.43% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-PC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/06/05 21:10:39 | 01,205,760 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2008/03/28 05:17:20 | 00,667,648 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008/06/27 20:43:24 | 00,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
PRC - [2008/03/18 19:24:58 | 00,019,456 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\Hpservice.exe
PRC - [2008/03/28 05:17:20 | 00,667,648 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2003/08/18 06:37:10 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXBCES.EXE
PRC - [2003/08/18 06:32:56 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXPPS.EXE
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2008/02/12 01:05:54 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
PRC - [2007/12/11 15:15:04 | 00,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/04/11 02:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/02/26 17:13:22 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/02/27 19:07:26 | 00,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdncoms.exe
PRC - [2008/05/15 01:56:54 | 00,292,248 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2008/05/15 01:56:58 | 00,116,112 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2008/03/28 02:05:00 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/03/26 18:26:56 | 00,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe
PRC - [2007/11/01 18:13:26 | 00,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
PRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/01/09 05:25:00 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/03/27 11:13:18 | 00,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
PRC - [2008/03/27 11:13:23 | 00,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2600 Series\ezprint.exe
PRC - [2009/09/10 15:16:18 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/04/14 10:59:14 | 00,703,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2008/04/16 14:52:28 | 00,442,433 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/05/13 15:40:08 | 06,345,840 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/04/11 02:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2008/01/20 22:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2009/04/21 18:26:52 | 04,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2008/07/29 15:28:12 | 01,398,024 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2008/01/20 22:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2008/11/09 16:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/02/16 00:34:18 | 00,333,064 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2009/03/30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/04/11 02:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/04/11 02:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/04/11 02:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/05/29 23:00:06 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/03/28 02:06:00 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2009/05/26 21:06:32 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2008/04/15 16:40:10 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2009/04/21 18:26:50 | 00,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
PRC - [2009/09/17 12:41:43 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2008/02/26 14:10:56 | 00,648,456 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/02/12 01:05:54 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe -- (AESTFilters [Auto | Running])
SRV - [2007/12/11 15:15:04 | 00,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/03/28 05:17:20 | 00,667,648 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/03/30 00:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/04/03 14:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx [On_Demand | Stopped])
SRV - [2008/01/20 22:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 02:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/02/18 14:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/08/05 22:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2009/05/29 23:00:00 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/15 16:40:10 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Running])
SRV - [2008/01/25 21:05:30 | 00,148,832 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [On_Demand | Stopped])
SRV - [2008/03/18 19:24:58 | 00,019,456 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\Hpservice.exe -- (hpsrv [Auto | Running])
SRV - [2004/10/22 06:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/02/18 14:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2003/08/18 06:37:10 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2008/02/26 17:13:22 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/02/27 19:07:14 | 00,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe -- (lxdnCATSCustConnectService [Auto | Stopped])
SRV - [2008/02/27 19:07:26 | 00,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdncoms.exe -- (lxdn_device [Auto | Running])
SRV - [2009/02/18 14:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008/05/15 01:56:54 | 00,292,248 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -- (QPCapSvc [Auto | Running])
SRV - [2008/05/15 01:56:58 | 00,116,112 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe -- (QPSched [Auto | Running])
SRV - [2008/03/26 18:26:56 | 00,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows [Auto | Running])
SRV - [2007/01/09 05:25:00 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/04/14 10:59:14 | 00,703,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [Auto | Running])
SRV - [2008/06/27 20:43:24 | 00,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe -- (STacSV [Auto | Running])
SRV - [2008/02/16 00:34:18 | 00,333,064 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer [Auto | Running])
SRV - [2008/02/26 14:10:56 | 00,648,456 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (tmproxy [On_Demand | Running])
SRV - [2009/04/21 18:26:52 | 04,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService [Auto | Running])
SRV - [2008/01/20 22:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc [Auto | Running])
SRV - [2008/01/20 22:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2009/06/05 21:10:39 | 01,205,760 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService [Auto | Running])
SRV - [2008/11/09 16:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/05/22 22:49:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/26 03:00:48 | 00,000,000 | ---D | M]
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EverioService] C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe File not found
O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://fb.familylink...geUploader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.68.166 68.87.74.166
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O30 - LSA: Authentication Packages - (ows\S) - File not found
O30 - LSA: Security Packages - (5952-1348630217-1000) - File not found
O30 - LSA: Security Packages - (&) - File not found
O30 - LSA: Security Packages - (퀨) - File not found
O30 - LSA: Security Packages - (') - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/22 22:20:45 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{05bd2bc3-a48a-11dd-af6c-001e68c43577}\Shell - "" = AutoRun
O33 - MountPoints2\{05bd2bc3-a48a-11dd-af6c-001e68c43577}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found
========== Files/Folders - Created Within 14 Days ==========
[2009/09/17 12:41:40 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2009/09/17 12:30:58 | 00,000,000 | ---- | C] () -- C:\Users\Owner\Desktop\settings.dat
[2009/09/17 12:30:31 | 00,472,064 | ---- | C] ( ) -- C:\Users\Owner\Desktop\RootRepeal.exe
[2009/09/17 12:27:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2009/09/17 12:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2009/09/17 12:17:41 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/09/17 12:16:49 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/09/17 12:16:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/09/17 12:11:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/09/17 12:08:54 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/09/17 12:07:56 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/09/17 12:06:42 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/09/11 11:03:47 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/09/11 11:03:47 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/09/11 11:03:44 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/09/11 10:42:52 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/09/10 11:57:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Lx_cats
[2009/09/10 11:55:52 | 00,000,000 | ---D | C] -- C:\logs
[2009/09/10 11:52:46 | 00,077,304 | ---- | C] () -- C:\Windows\System32\lxdnprpr.chm
[2009/09/10 11:52:44 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdncoin.dll
[2009/09/10 11:47:40 | 00,000,000 | ---D | C] -- C:\ProgramData\Ezprint
[2009/09/10 11:47:01 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2009/09/10 11:46:37 | 00,000,044 | ---- | C] () -- C:\Windows\System32\lxdnrwrd.ini
[2009/09/10 11:46:22 | 00,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDNhcp.dll
[2009/09/10 11:46:22 | 00,348,160 | ---- | C] () -- C:\Windows\System32\LXDNinst.dll
[2009/09/10 11:46:22 | 00,016,652 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf
[2009/09/10 11:46:21 | 00,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdninpa.dll
[2009/09/10 11:46:21 | 00,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdniesc.dll
[2009/09/10 11:46:20 | 01,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdnserv.dll
[2009/09/10 11:46:20 | 00,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdnusb1.dll
[2009/09/10 11:46:19 | 00,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnpmui.dll
[2009/09/10 11:46:19 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdnprox.dll
[2009/09/10 11:46:18 | 00,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdnlmpm.dll
[2009/09/10 11:46:16 | 00,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdnhbn3.dll
[2009/09/10 11:46:16 | 00,320,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnih.exe
[2009/09/10 11:46:15 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdngrd.dll
[2009/09/10 11:46:13 | 00,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoms.exe
[2009/09/10 11:46:13 | 00,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdncomm.dll
[2009/09/10 11:46:12 | 00,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdncomc.dll
[2009/09/10 11:46:12 | 00,365,224 | ---- | C] ( ) -- C:\Windows\System32\lxdncfg.exe
[2009/09/10 11:46:11 | 00,077,906 | ---- | C] (Lexmark International) -- C:\Windows\System32\LXDNcfg.dll
[2009/09/10 11:46:11 | 00,001,633 | ---- | C] () -- C:\Windows\System32\lxdn.loc
[2009/09/10 11:45:59 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 2600 Series
[2009/09/09 06:55:09 | 02,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2009/09/04 13:14:45 | 00,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2009/09/04 13:14:29 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/09/04 13:14:29 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/09/04 13:14:28 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/09/04 13:14:20 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/09/04 13:14:20 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/09/04 08:47:38 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/09/03 21:00:03 | 00,359,932 | ---- | C] () -- C:\Users\Owner\Desktop\dds.scr
========== Files - Modified Within 14 Days ==========
[2009/09/17 12:52:57 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/09/17 12:52:57 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/09/17 12:52:57 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/09/17 12:46:28 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/09/17 12:46:28 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/09/17 12:46:25 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/09/17 12:46:17 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/09/17 12:41:43 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2009/09/17 12:33:11 | 26,450,1365 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/09/17 12:30:58 | 00,000,000 | ---- | M] () -- C:\Users\Owner\Desktop\settings.dat
[2009/09/17 12:30:35 | 00,472,064 | ---- | M] ( ) -- C:\Users\Owner\Desktop\RootRepeal.exe
[2009/09/17 12:21:30 | 02,703,669 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db
[2009/09/17 12:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At13.job
[2009/09/17 11:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At12.job
[2009/09/17 10:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At11.job
[2009/09/17 09:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At10.job
[2009/09/17 08:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job
[2009/09/17 07:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At8.job
[2009/09/17 06:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job
[2009/09/17 05:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At6.job
[2009/09/17 04:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At5.job
[2009/09/17 03:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At4.job
[2009/09/17 02:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job
[2009/09/17 01:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At2.job
[2009/09/17 00:16:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job
[2009/09/16 23:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At24.job
[2009/09/16 22:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At23.job
[2009/09/16 21:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At22.job
[2009/09/16 20:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job
[2009/09/16 19:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At20.job
[2009/09/16 18:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At19.job
[2009/09/16 17:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At18.job
[2009/09/16 16:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job
[2009/09/16 15:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At16.job
[2009/09/16 14:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At15.job
[2009/09/16 13:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\tasks\At14.job
[2009/09/15 12:43:02 | 00,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2009/09/11 13:00:02 | 00,001,644 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L2B3A7DF17E1740CCA57A7AF1D96E2285.job
[2009/09/11 11:09:06 | 00,314,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/09/10 11:55:58 | 00,016,652 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2009/09/04 13:14:46 | 00,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2009/09/04 10:17:33 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/09/03 21:00:09 | 00,359,932 | ---- | M] () -- C:\Users\Owner\Desktop\dds.scr
========== LOP Check ==========
[2009/07/26 00:00:46 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming
[2008/10/27 20:37:50 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ATI
[2008/11/29 15:06:00 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\CyberLink
[2009/04/29 21:33:43 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Elluminate
[2009/01/23 18:33:48 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Intuit
[2009/09/04 03:06:18 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2008/11/10 13:43:31 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Move Networks
[2009/05/15 14:20:27 | 00,000,000 | RH-D | M] -- C:\Users\Owner\AppData\Roaming\SecuROM
[2009/09/17 00:16:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2009/09/17 09:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2009/09/17 10:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2009/09/17 11:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2009/09/17 12:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2009/09/16 13:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2009/09/16 14:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2009/09/16 15:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2009/09/16 16:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2009/09/16 17:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2009/09/16 18:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2009/09/17 01:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2009/09/16 19:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2009/09/16 20:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2009/09/16 21:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2009/09/16 22:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2009/09/16 23:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2009/09/17 02:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2009/09/17 03:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2009/09/17 04:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2009/09/17 05:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2009/09/17 06:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2009/09/17 07:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2009/09/17 08:00:00 | 00,000,350 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2009/09/15 12:43:02 | 00,000,322 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForOwner.job
[2009/09/17 12:46:25 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/09/17 12:21:42 | 00,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/09/11 13:00:02 | 00,001,644 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L2B3A7DF17E1740CCA57A7AF1D96E2285.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
< %systemroot%\system32\scecli.dll >
[2009/04/11 02:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
[2006/11/02 05:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngaudit.dll
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< End of report >
OTL Extras logfile created on: 9/17/2009 12:50:02 PM - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 90.15% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.84 Gb Total Space | 150.58 Gb Free Space | 67.57% Space Free | Partition Type: NTFS
Drive D: | 10.04 Gb Total Space | 1.75 Gb Free Space | 17.43% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: OWNER-PC
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F46174F-796B-4FC0-BAFF-ABAD1C2B5193}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{1580F8C4-7F96-40B8-9985-5FE90904A363}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe |
"{1DD3AEF4-3D94-47E5-B620-4E3A5F5E6E54}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{2091A17D-FCCD-483F-AF2B-827C3D1F94CA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{29AAF573-F7A5-4CB7-9EAC-979E8BB1FF27}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{31EFD9AF-1DC4-4F89-BC89-DE487C7F1B4C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52F0D097-4A39-437B-96FF-F6EA98DC6ADA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5FA8CF93-2A85-40B1-96EE-80B407066129}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe |
"{7CACF02E-667B-43D0-94C0-3AE7A07D3341}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7F137B89-AA3E-4139-A766-463A33501FCF}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{7FCB585C-9D45-4A66-8753-F2751E1C1DE1}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8FFA6566-EB0E-430D-A81A-3E0C2FF38E31}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{97A8C987-3C4E-466D-B176-453D66462F41}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{9B04CD62-979C-42C8-BC42-585DAC9D2369}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9F30C5C4-01C4-441A-A0E1-463DE9728254}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{AFB81D35-0D10-430F-9C6F-5A7D081D905C}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{B773DF5A-6D2E-485C-8FDF-383CD6192AD3}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{BAE758EF-2C8E-499C-A315-7E75D6024212}" = dir=in | app=c:\program files\cyberlink\powerdirector express\pdx.exe |
"{C4D88C19-8649-4B61-AAC4-740D36981C35}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{D88B0DAB-145D-411D-BBF8-A2B653F6F216}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{DA5AEC07-4D90-4619-A2DC-56B21E5E906E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"{E8E6F306-2DC9-4DB9-AAD6-B6BA1678F262}" = protocol=58 | dir=in | app=system |
"{EF88E063-B6C8-43CC-BB7F-4DD0069A4895}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F17D8473-B421-4F98-99E2-707465629E77}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe |
"{F6A0CC2F-77B4-4A61-B855-0F0244C0C2EA}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{F96C1D10-1210-4F84-B5F8-259809B4F9ED}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"TCP Query User{18B0F3B8-72EF-425B-9A03-BC02C7822B01}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{2D28B9F4-78C2-43CF-A276-C5008125EC88}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"TCP Query User{C7FF6385-0ED2-4097-9E4B-E240754550F5}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{CE669033-A832-4286-8DDF-F851DCA9DCAE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0D1F1B62-EC00-494F-A8C9-155A0B106856}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{A9F920A5-6876-49F9-982A-1145C9219ED5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C1F4C538-29C6-4241-99E3-F97270F21CA2}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"UDP Query User{FF2EAEAC-1A35-47F1-AE25-DD2395AFA57E}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{024D1716-9F42-0039-06E5-F4279D6C4382}" = CCC Help Russian
"{04556846-E511-3FE9-E824-3588075C8036}" = Catalyst Control Center Graphics Full Existing
"{05CD72BE-7783-AAB9-0C05-2D8DBD2DD444}" = Catalyst Control Center Localization Dutch
"{0612E132-33FF-4488-9C31-F8D485D6866D}" = Catalyst Control Center Graphics Light
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0B3DB1B2-404C-AAA8-B32E-E65520EDE74D}" = CCC Help Polish
"{10504622-2818-C312-55CC-A72D36A31DBC}" = CCC Help Swedish
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22E9CF2B-4063-4dab-A251-93FA46F7DECC}_is1" = Spy Sweeper
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{2A34320A-56F9-9C4F-D325-77AC8A54C8B6}" = Catalyst Control Center Localization Japanese
"{2C9FF444-79C0-C0C4-7B21-0E77C872AF53}" = CCC Help Danish
"{2CA3E0A5-9281-6E67-1843-A6CC0B00BD74}" = Catalyst Control Center Localization French
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{31775690-0E29-2AB1-75DE-C406152CBD1D}" = Catalyst Control Center Localization Chinese Standard
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3466C4D1-508A-0E36-EB05-2E53766F27E0}" = CCC Help Italian
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{380357CA-29F4-4B3C-B401-32C057E6B59B}" = HP Smart Web Printing
"{38DCD6F5-C4DC-25E5-C113-0A909558FC2C}" = CCC Help Norwegian
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{3FA160E2-066B-8D77-FCF4-F001F236E8E7}" = CCC Help Spanish
"{3FA93E4C-CB3B-4B25-B091-9DB0FCC56A74}" = Catalyst Control Center - Branding
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{431CED44-A6D3-4E4A-2B76-04D1A861FCCE}" = Catalyst Control Center Localization Swedish
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{475144D0-A4D6-C553-42B5-7BB60FCEF9EC}" = Catalyst Control Center Localization German
"{49BA6327-744C-3D20-16DB-6E98BF66D0FD}" = Catalyst Control Center Localization Danish
"{4B4D411D-E363-7E6B-68C3-C8E2EF02B7C6}" = CCC Help Chinese Traditional
"{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}" = AMD Driver Support for HP 3D DriverGuard
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{50DB0F17-4180-31F7-F26B-B40CBA8BA6E0}" = CCC Help German
"{530FFED3-1F94-4E6E-AE1E-AFDEED340FCA}" = Deal or No Deal
"{5396C246-53B5-4BBA-62DC-8308C7357EFE}" = Catalyst Control Center Localization Polish
"{54CAEF60-0258-2D8E-F01F-24BC689EA8A9}" = Catalyst Control Center Localization Portuguese
"{560BB29B-41C5-88E4-4847-B4B1DDB47B9B}" = Catalyst Control Center Localization Czech
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{59748B12-406B-7EA4-355D-3BBD62E97C69}" = Catalyst Control Center Localization Turkish
"{5B4E5823-7265-9A19-A871-36E75824F7BE}" = CCC Help French
"{5EBC76DA-573E-7D96-A6F8-F4B9DE97A15F}" = Catalyst Control Center Localization Greek
"{623AD94E-1621-5AA1-BD6D-0EF08C9D7851}" = Catalyst Control Center Core Implementation
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6DBCFFF6-2A7B-4AE4-8FC8-1216442E2814}" = CCC Help Korean
"{6FCBD7F7-6A29-089F-E5DB-E33EFCF306CD}" = Catalyst Control Center Localization Spanish
"{708B7143-D316-459C-9CD1-BA41DFF521E5}" = Deal or No Deal - Secret Vault Games
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro AntiVirus
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{762D9F20-593B-436E-CAC3-B3D9F4DA7A90}" = Catalyst Control Center Localization Chinese Traditional
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80C2AD19-97A2-C829-38DE-5FD5B47F122B}" = ATI Catalyst Install Manager
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{8436F8D7-AA62-83DA-3BC5-E04871BF5F61}" = CCC Help Portuguese
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{84F40C39-1E61-B3A7-833A-3A376AB53394}" = CCC Help Japanese
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931FB38C-D5D4-4DBD-3723-50140A67F276}" = CCC Help Turkish
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96A959C9-51E1-C920-A9FA-269BB462A940}" = CCC Help Czech
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A102E7E3-2A4E-F509-3EF6-019F45C83196}" = CCC Help Dutch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A57222BD-51E3-7765-A008-9B6428402A59}" = CCC Help Hungarian
"{A621B45A-D138-4A95-BE10-7CABA05EF94E}" = Trend Micro AntiVirus
"{A8ACD338-255C-B53D-7F19-ED7293B291E8}" = Catalyst Control Center Localization Norwegian
"{AAD72731-807A-4B79-AE05-9190B7002B7B}" = ProtectSmart Hard Drive Protection
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B69F28DF-CBB1-41B7-008A-210E4D0518FC}" = Harry Potter and the Order of the Phoenix™
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD41A0CF-79B4-98D8-B9B9-3DE8BEC8A861}" = Catalyst Control Center Localization Finnish
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4B2636B-D76D-7C23-3010-99E96693F0B5}" = Catalyst Control Center Graphics Previews Vista
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C9E9386A-7E81-796A-3465-8471A239A8A0}" = CCC Help Chinese Standard
"{CA4498C8-5146-E527-27A7-1B4F81C9BF05}" = CCC Help Thai
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DEC3A80C-49D3-2885-2A03-3FBA61A5D40F}" = Catalyst Control Center Localization Italian
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E0B276B1-97D7-7AD2-548F-248A7745A1ED}" = CCC Help Greek
"{E2ADC6FA-4233-54E6-29EC-E60EAD096A50}" = Catalyst Control Center Localization Hungarian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3EA025D-29A0-530C-9CA7-DBB5C49BB6DB}" = Skins
"{E96FFA19-E94B-D32B-E103-E78A0877245A}" = Catalyst Control Center Localization Thai
"{EAE4AD65-89F2-3DE8-DF46-CCB34393CAA0}" = Catalyst Control Center Localization Russian
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE3D717C-D93F-2A2B-F641-F59F48E11895}" = ccc-utility
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F447BD4C-65C3-A6D9-8A5F-5E822E32E1BC}" = Catalyst Control Center Localization Korean
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F48FEA7A-2B87-8270-927C-20A0E7E5EBC2}" = CCC Help English
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FCC92CBC-F520-A906-C002-9A6236308916}" = Catalyst Control Center Graphics Full New
"{FEC99680-66C4-C8C7-084B-2FB1B257777C}" = CCC Help Finnish
"{FEEDAB32-F937-8319-D3F1-FFFC98C2111E}" = ccc-core-static
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"Creative WebCam Center" = Creative WebCam Center
"ERUNT_is1" = ERUNT 1.1j
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"jewelquestsolitaireiii" = Jewel Quest Solitaire III
"JumpStart Advanced Preschool" = JumpStart Advanced Preschool
"JumpStart Advanced PreSchool Explore and Learn" = JumpStart Advanced PreSchool Explore and Learn
"JumpStart Art for Fun" = JumpStart Art for Fun
"JumpStart Languages" = JumpStart Languages
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"PhotoScape" = PhotoScape
"RealArcade" = RealArcade
"Samantha Swift and the Golden Touch" = Samantha Swift and the Golden Touch (remove only)
"Sesame Street First Steps" = Sesame Street First Steps (remove only)
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Game Of Life" = The Game Of Life
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/12/2009 10:22:01 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18813 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 644 Start Time: 01ca3417743f7b50 Termination Time: 0
Error - 9/13/2009 12:34:52 AM | Computer Name = Owner-PC | Source = EventSystem | ID = 4621
Description =
Error - 9/13/2009 8:42:10 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/16/2009 11:59:37 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module Flash10c.ocx, version 10.0.32.18, time stamp 0x4a613d79,
exception code 0xc0000005, fault offset 0x00077e20, process id 0x130c, application
start time 0x01ca374b25538d60.
Error - 9/17/2009 12:00:25 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module Flash10c.ocx, version 10.0.32.18, time stamp 0x4a613d79,
exception code 0xc0000005, fault offset 0x00077e20, process id 0x498, application
start time 0x01ca374b49aa0ae0.
Error - 9/17/2009 12:01:57 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module Flash10c.ocx, version 10.0.32.18, time stamp 0x4a613d79,
exception code 0xc0000005, fault offset 0x00077e20, process id 0x15ac, application
start time 0x01ca374b69a42380.
Error - 9/17/2009 11:56:47 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/17/2009 12:16:34 PM | Computer Name = Owner-PC | Source = System Restore | ID = 8193
Description =
Error - 9/17/2009 12:26:27 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/17/2009 12:33:45 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 12/18/2008 8:28:52 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 4/27/2009 7:38:25 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 9/6/2009 5:26:06 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 9/17/2009 12:33:18 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:31:31 PM on 9/17/2009 was unexpected.
Error - 9/17/2009 12:33:45 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/17/2009 12:33:45 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 9/17/2009 12:33:45 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/17/2009 12:33:45 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 9/17/2009 12:46:18 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:45:11 PM on 9/17/2009 was unexpected.
Error - 9/17/2009 12:47:03 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/17/2009 12:47:03 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 9/17/2009 12:47:03 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/17/2009 12:47:03 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >