OTL Extras logfile created on: 12/23/2011 8:30:33 AM - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Downloads\Geeks to Go Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.28% Memory free 3.84 Gb Paging File | 2.90 Gb Available in Paging File | 75.56% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.50 Gb Total Space | 28.01 Gb Free Space | 37.60% Space Free | Partition Type: NTFS Computer Name: USER-W05P6ZM3U6 | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = ComFile] -- "%1" %* .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "83:TCP" = 83:TCP:*:Enabled:Web Dictate Web Server "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Files and Settings Transfer Wizard -- (Microsoft Corporation) "C:\WINDOWS\system32\VoissAssistant.exe" = C:\WINDOWS\system32\VoissAssistant.exe:*:Enabled:VoissAssistant -- (Tekelec) "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\IBP 11\IBP.exe" = C:\Program Files\IBP 11\IBP.exe:*:Enabled:Internet Business Promoter -- (Axandra GmbH) "C:\Program Files\SubmitEaze\j2re1.6\bin\javaw.exe" = C:\Program Files\SubmitEaze\j2re1.6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "C:\Program Files\NotePage\FeedForAll\FeedForAll.exe" = C:\Program Files\NotePage\FeedForAll\FeedForAll.exe:*:Enabled:FeedForAll -- (NotePage, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\OnlyWire\OnlyWireWindows.exe" = C:\Program Files\OnlyWire\OnlyWireWindows.exe:*:Enabled:OnlyWire Submitter -- () "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google) "C:\Program Files\Java\jre6\launch4j-tmp\Yahtzee.exe" = C:\Program Files\Java\jre6\launch4j-tmp\Yahtzee.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation) "C:\Program Files\FileZilla FTP Client\filezilla.exe" = C:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client -- (FileZilla Project) "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Disabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe" = C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe:*:Enabled:FreeFileViewerUpdateChecker -- (Bitberry Software) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00D6FA20-0E53-4ACA-A96F-44A312E59C3C}" = Directory Submitter Full "{0208A7E3-0D30-11D4-A1FC-00508B9D1BA2}" = Smart Office Keyboard "{036CB3BC-64EF-107A-AC71-DB7F2BA22350}" = SAT "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{194BFA8B-8ABF-43F4-A4B5-A38F6B21C3C2}" = Google AdWords Editor "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16 "{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E7B64D-150F-4A9E-B7A3-5A6AC8C2F822}" = ebgcSDK "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java(TM) SE Development Kit 6 Update 13 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{39B1BD87-561E-4762-AED9-7C5213B06C24}" = ebgcInfra "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{47DC807C-9953-4E7A-96CF-9BF3944CB5DE}_is1" = Satellite Direct v8.8.0.9 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate "{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service "{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver "{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6DC78921-0A7C-49DF-A0EC-6B4A50918B5D}" = Xara Designer Pro 6 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7396F7C8-EDD8-4473-BF6A-2CE4996716E1}" = JavaFX(TM) 1.1 SDK "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{8520852F-A561-43BF-8DA5-49B1858E120F}" = SmartMonitor1.10 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EB39AA7-4019-4550-AF6C-BE51BB27B446}" = TC Web Conferencing "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90170409-6000-11D3-8CFE-0050048383C9}" = Microsoft FrontPage 2002 "{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content "{90381EFF-A3F1-42FB-8CF5-E3C941DC0548}" = Style Master 4.6 "{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABA26E1-843A-4A72-95AF-C72474E191F6}" = Hoyle Card Games 2003 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9B4E6CB9-E54D-47F7-A414-E2D5740E1033}" = Nero 7 Essentials "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A3B203C5-7A07-4B18-B4F5-3E5ABEAB0AAA}" = MiracleTrafficBot "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABD1DC2F-0D20-4C44-BEB9-3EEFA0EA1033}" = SecurDisc Viewer "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync "{B4BF87C8-3EEC-4774-82A2-584F109187B1}" = Genesys USB Mass Storage Device "{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1 "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BD83DE5D-4579-4855-95C5-7F3E7C99FC77}" = SpeedPPC Campaign Builder "{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CB33664C-5683-40AB-B968-01276F6F3446}" = ebgcRes "{CD0159C9-17FB-11D6-A76A-00B0D079AF64}" = Java 2 Runtime Environment, SE v1.4.1 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{DB0B6D3F-FEAB-4BA9-A5D6-C66B86FE7920}" = JMailer "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help "{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m "{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FB98D390-54A4-4CD1-93D3-FBC96A6F07A3}" = DesignPro 5 "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard "{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki "7-Zip" = 7-Zip 4.65 "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop 5.5" = Adobe Photoshop 5.5 "Advanced CSV Converter" = Advanced CSV Converter 3.1 "Affiliate ID Manager Rebrander_is1" = Affiliate ID Manager Rebrander - Version No.1 "Affiliate ID Manager_is1" = Affiliate ID Manager - Version No.1 "AtcL2" = Attansic L2 Fast Ethernet Driver "Atomic Mail Sender_is1" = Atomic Mail Sender 3.12 "audcle" = Plus! MP3 Audio Converter LE "avast" = avast! Internet Security "Banner Maker Pro 6_is1" = Banner Maker Pro Version 6 "Banner Maker Pro for Flash 2_is1" = Banner Maker Pro for Flash Version 2 "Bejeweled Twist 1.0" = Bejeweled Twist 1.0 "Blog Link Generator 1.4" = Blog Link Generator 1.4 "Byki Express" = Byki Express "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Contact_Form_Builder" = Contact Form Uninstall "Content Magnet Article Extractor_is1" = Content Magnet Article Extractor 1.0 "Coupon Printer for Windows4.0" = Coupon Printer for Windows "DivX Setup.divx.com" = DivX Setup "drmtool.inf" = Personal License Update Wizard for Windows Media Player "Dynomite® Deluxe" = Dynomite® Deluxe "EditPlus 3" = EditPlus 3 "FeedForAll v2.0" = FeedForAll v2.0 "FileZilla Client" = FileZilla Client 3.5.2 "Free_Traffic_Bar Toolbar" = Free_Traffic_Bar Toolbar "FreeFileViewer_is1" = Free File Viewer 2011 "Graboid Video" = Graboid Video 1.65 "Graphics Giant Banner Backgrounds_is1" = Graphics Giant Banner Backgrounds "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Document Manager" = HP Document Manager 2.0 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "IAW20" = IAW20 "IBP11_is1" = IBP 11.6.2 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "ieSpell" = ieSpell "InCD!UninstallKey" = InCD "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{9ABA26E1-843A-4A72-95AF-C72474E191F6}" = Hoyle Card Games 2003 "InstallShield_{FB98D390-54A4-4CD1-93D3-FBC96A6F07A3}" = DesignPro 5 "Instant Video Suite_is1" = Instant Video Suite v1.0 "InstantArticleWizard" = InstantArticleWizard "Java Web Start" = Java Web Start "jZip" = jZip "KeyScrambler" = KeyScrambler "Keyword Blitz_is1" = Keyword Blitz "Macro Marketer" = Macro Marketer "MAGIX_MSI_XtremePro6" = Xara Designer Pro 6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Press Interactive Training" = Microsoft Interactive Training "mmmusic" = Movie Maker Background Music Files "mmsounds" = Movie Maker Sound Effects "mmtitle" = Movie Maker Title Images "mplibwiz.inf" = Media Library Management Wizard "mpxlswiz.inf" = Windows Media Player Playlist Import to Excel Wizard "mpxptray.inf" = Windows Media Player Tray Control "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSNINST" = MSN "MSRS" = MSRS Recording System "NetObjects Fusion Essentials" = NetObjects Fusion Essentials "NicheHorde" = NicheHorde "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control "Opera 11.60.1185" = Opera 11.60 "PDF Power Brand_is1" = Pdf Power Brand v3.5 "Pixillion" = Pixillion Image Converter "ProjectWhois" = ProjectWhois "RealPlayer 15.0" = RealPlayer "ReaSoft PDF Printer Standard Edition_is1" = ReaSoft PDF Printer 3.8 Standard Edition "RecordForAll_is1" = RecordForAll 1.2.5.0 "RegCure" = RegCure "Risk" = Risk "RSS Announcer 1.4" = RSS Announcer 1.4 "Sales Letter Creator 1.4" = Sales Letter Creator 1.4 "SAT" = SAT "SeoQuake for IE_is1" = SeoQuake "SharpReader_is1" = SharpReader 0.9.7.0 "Shop for HP Supplies" = Shop for HP Supplies "SubmitEaze" = SubmitEaze "TopStyle4_is1" = TopStyle 4 "Trusted Software Assistant_is1" = File Type Assistant "VLC media player" = VideoLAN VLC media player 0.8.6d "wa2wmp" = Windows Media Player Skin Importer "WavePad" = WavePad Sound Editor "Webmaster Email Extractor" = Webmaster Email Extractor "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMBK2" = Windows Media Bonus Pack for Windows XP "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "WorldCast_is1" = WorldCast 4.0 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xenu's Link Sleuth" = Xenu's Link Sleuth "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Toolbar" = Yahoo! Toolbar "Yahtzee" = Yahtzee "Yahtzee Master_is1" = Yahtzee Master v1.47 "Yahtzee_is1" = Yahtzee 1.1.6 "Zuma Deluxe 1.0" = Zuma Deluxe 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "AI RoboForm" = RoboForm 7-6-6 "Draw 4 App" = Draw 4 App "Icon Creator" = Icon Creator "MilitaryGame App" = MilitaryGame App "Notepad App" = Notepad App "SwingSet2 App" = SwingSet2 App [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Antivirus Events ] Error - 6/30/2009 9:00:34 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/5/2009 1:48:48 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/5/2009 7:05:52 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/9/2009 8:41:42 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/9/2009 8:44:42 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/11/2009 1:29:22 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/12/2009 2:58:15 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/16/2009 9:22:06 AM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/20/2009 3:15:57 AM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = Error - 11/20/2009 12:10:29 PM | Computer Name = USER-W05P6ZM3U6 | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 7/27/2011 11:01:40 PM | Computer Name = USER-W05P6ZM3U6 | Source = Ci | ID = 4124 Description = Content index on c:\system volume information\catalog.wci is corrupt. Please shutdown and restart the Indexing Service (cisvc). Error - 7/27/2011 11:01:40 PM | Computer Name = USER-W05P6ZM3U6 | Source = Ci | ID = 4126 Description = Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci. Index will be automatically restored by refiltering all documents. [ System Events ] Error - 12/22/2011 9:28:17 PM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7034 Description = The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). Error - 12/22/2011 9:28:18 PM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7034 Description = The InCD Helper service terminated unexpectedly. It has done this 1 time(s). Error - 12/22/2011 9:54:17 PM | Computer Name = USER-W05P6ZM3U6 | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. Error - 12/22/2011 9:55:15 PM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7000 Description = The Intel(r) 82802 Firmware Hub Device (Intel(r) Security Driver) service failed to start due to the following error: %%2 Error - 12/22/2011 9:55:15 PM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7000 Description = The ASInsHelp service failed to start due to the following error: %%2 Error - 12/22/2011 10:14:50 PM | Computer Name = USER-W05P6ZM3U6 | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000243' while processing the file '## aswSnx private storage' on the volume 'Hardd .. lume1'. It has stopped monitoring the volume. Error - 12/22/2011 10:15:36 PM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7000 Description = The Intel(r) 82802 Firmware Hub Device (Intel(r) Security Driver) service failed to start due to the following error: %%2 Error - 12/22/2011 10:15:36 PM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7000 Description = The ASInsHelp service failed to start due to the following error: %%2 Error - 12/23/2011 1:34:54 AM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7000 Description = The Intel(r) 82802 Firmware Hub Device (Intel(r) Security Driver) service failed to start due to the following error: %%2 Error - 12/23/2011 1:34:54 AM | Computer Name = USER-W05P6ZM3U6 | Source = Service Control Manager | ID = 7000 Description = The ASInsHelp service failed to start due to the following error: %%2 < End of report >