OTL Extras logfile created on: 6/22/2010 5:44:34 AM - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\HP_Owner\Desktop\virus fight\program downloads Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free 3.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 71.84 Gb Total Space | 29.38 Gb Free Space | 40.90% Space Free | Partition Type: NTFS Drive D: | 39.94 Gb Total Space | 4.71 Gb Free Space | 11.79% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-4F1261A8E5 Current User Name: HP_Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Scan with SpySubtract...] -- "C:\Program Files\InterMute\SpySubtract\SpySub.exe" "-sc" "%1" (InterMute, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Computer, Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe:*:Disabled:BackWeb for Pavilion -- (Hewlett-Packard) "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:Earthlink -- File not found "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Disabled:iTunes -- (Apple Computer, Inc.) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger -- File not found "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Mozilla Firefox -- (Mozilla Corporation) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA}" = PC-Doctor for Windows "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE "{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security "{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan "{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp "{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant "{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1 "{28CFF19D-B92C-4109-A427-F75505E81688}" = cp_dwSharkTaleAlbums1 "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator "{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FCD82D-1CED-436d-B33C-874EEC666D68}" = cp_dwSharkTaleCards1 "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour "{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy "{3AEF2F6C-F1D3-47CD-BF3B-A327F1FABE58}" = PSPrinters06 "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security "{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C04DF1B-6A39-4299-9DD1-1FA60000266E}" = HP Photosmart Cameras 4.0 "{503AA035-41E2-4858-B31F-1E49AC66C309}" = Norton Security Center "{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}" = Norton Internet Security "{55508A44-8225-47AB-9666-1F57A5B5CE2E}" = CP_PLSBusinessFlyers "{5677563D-0CB1-485f-9E18-C5025306BB3F}" = Norton AntiSpam "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery "{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations "{6B350CA4-0031-0002-3757-34999AD85AEC}" = InterVideo WinDVD Creator "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03 "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1 "{725249C3-B94C-4141-8799-0D3BA43D0812}" = CameraDrivers "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC "{7B98685A-4E21-4A4F-A2D6-DC557042BADA}" = HPIZplus450 "{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1 "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects "{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen "{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.0 "{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme "{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config "{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security "{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}" = Photosmart 320,370,7400,8100,8400 Series "{AADFE0B9-F905-4d5f-A144-0ADB2EFA747B}" = Norton Internet Security "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2 "{B103C8A7-D1CC-4B1A-BD41-883F652E097D}" = muvee autoProducer 3.5 magicMoments - HPD "{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc "{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist "{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director "{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes "{C3F058C0-A21C-452D-8D99-95B1A45F417D}" = InterVideo DiscLabel "{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2005 "{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}" = Norton Internet Security "{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg "{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = HP Organize "{D0420D64-8D33-4374-A2B2-9225C7925CA6}" = HP Image Zone Plus 4.5.3 "{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}" = CC_ccProxyExt "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security "{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update "{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm "{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers "{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update "{FC08587A-4F01-4188-819F-F55880022917}" = ccPxyCore "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates "{FC2C0536-583C-46c0-844A-62CECAE01F22}" = Norton Internet Security "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Agere Systems Soft Modem" = Agere Systems PCI Soft Modem "BackWeb-309731 Uninstaller" = Updates from HP "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "ERUNT_is1" = ERUNT 1.1j "Help and Support Additions" = Help and Support Additions "HijackThis" = HijackThis 2.0.2 "HP Photo & Imaging" = HP Image Zone 4.5.3 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA}" = PC-Doctor for Windows "InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up "InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes "LiveReg" = LiveReg (Symantec Corporation) "LiveUpdate" = LiveUpdate 2.5 (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "PS2" = PS2 "Python 2.2.3" = Python 2.2.3 "pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203) "QuickTime" = QuickTime "RealPlayer 6.0" = RealPlayer "SafeClean Utilities 3" = SafeClean Utilities 3.0 "SiS VGA Driver" = SiS VGA Utilities "SpySubtract" = SpySubtract "Sure Delete_is1" = Sure Delete 5.1.1 "SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2005 (Symantec Corporation) "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 6/21/2010 1:59:45 AM | Computer Name = YOUR-4F1261A8E5 | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 6/21/2010 1:59:46 AM | Computer Name = YOUR-4F1261A8E5 | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 6/21/2010 2:04:49 AM | Computer Name = YOUR-4F1261A8E5 | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: A connection with the server could not be established Error - 6/21/2010 2:04:49 AM | Computer Name = YOUR-4F1261A8E5 | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. Error - 6/21/2010 9:20:04 PM | Computer Name = YOUR-4F1261A8E5 | Source = Application Error | ID = 1000 Description = Faulting application lucoms~1.exe, version 2.0.39.0, faulting module unknown, version 0.0.0.0, fault address 0x6eabadb1. Error - 6/21/2010 9:35:06 PM | Computer Name = YOUR-4F1261A8E5 | Source = Application Hang | ID = 1002 Description = Hanging application LUALL.EXE, version 2.5.55.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 6/21/2010 9:36:54 PM | Computer Name = YOUR-4F1261A8E5 | Source = Application Error | ID = 1000 Description = Faulting application lucoms~1.exe, version 2.0.39.0, faulting module unknown, version 0.0.0.0, fault address 0x6eabadb1. Error - 6/21/2010 9:43:28 PM | Computer Name = YOUR-4F1261A8E5 | Source = MsiInstaller | ID = 11706 Description = Product: ccCommon -- Error 1706. No valid source could be found for product ccCommon. Windows Installer cannot continue. Error - 6/21/2010 9:43:38 PM | Computer Name = YOUR-4F1261A8E5 | Source = MsiInstaller | ID = 11706 Description = Product: ccCommon -- Error 1706. No valid source could be found for product ccCommon. Windows Installer cannot continue. Error - 6/21/2010 9:47:09 PM | Computer Name = YOUR-4F1261A8E5 | Source = MsiInstaller | ID = 11706 Description = Product: ccCommon -- Error 1706. No valid source could be found for product ccCommon. Windows Installer cannot continue. [ System Events ] Error - 6/22/2010 4:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At1373.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 4:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At2741.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 4:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At5.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At1278.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At1302.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At1326.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At1350.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At1374.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At2742.job command failed to start due to the following error: %%2147942402 Error - 6/22/2010 5:08:00 AM | Computer Name = YOUR-4F1261A8E5 | Source = Schedule | ID = 7901 Description = The At6.job command failed to start due to the following error: %%2147942402 < End of report >