I have worked through all of the steps of the Malware and Spyware Cleaning Guide, but the problems remain. I'm pasting the logs below. Many thanks for any help that you are able to offer.
MBAM Log:
Malwarebytes' Anti-Malware 1.37
Database version: 2267
Windows 5.1.2600 Service Pack 3
6/12/2009 11:59:19 AM
mbam-log-2009-06-12 (11-59-19).txt
Scan type: Quick Scan
Objects scanned: 107545
Time elapsed: 5 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 6
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 2
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\program files\podmena\podmena.dll (Trojan.Agent) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\podmena (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\podmena (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\podmena (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\podmenadrv (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\podmenadrv (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\podmenadrv (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\podmena (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\podmena (Trojan.Downloader) -> Delete on reboot.
Files Infected:
c:\program files\podmena\podmena.dll (Trojan.Agent) -> Delete on reboot.
c:\program files\podmena\podmena.sys (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\msmark2.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\9g2234wesdf3dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\f5087.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\ro122366.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\ro122390.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\ro122458.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\ro122849.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\dk39fi4fe.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
Rooter Log:
Rooter.exe (v1.0) by Eric_71
¨
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
32_bits - x86 Family 6 Model 15 Stepping 13, GenuineIntel
¨
C:\ [Fixed-NTFS] .. ( Total:114470 Mo - Free:12835 Mo )
D:\ [CD_Rom]
¨
Scan : 12:32.33
Path : C:\Documents and Settings\phamilton\Desktop\Rooter.exe
User : phamilton ( Administrator -> YES )
¨
----------------------\\ Processes
¨
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (1716)
______ \??\C:\WINDOWS\system32\csrss.exe (1768)
______ \??\C:\WINDOWS\system32\winlogon.exe (1800)
______ C:\WINDOWS\system32\services.exe (1848)
______ C:\WINDOWS\system32\lsass.exe (1860)
______ C:\WINDOWS\system32\svchost.exe (2040)
______ C:\WINDOWS\system32\svchost.exe (288)
______ C:\WINDOWS\System32\svchost.exe (368)
______ C:\WINDOWS\system32\svchost.exe (860)
______ C:\WINDOWS\system32\svchost.exe (904)
______ C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (1260)
______ C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (1288)
______ C:\WINDOWS\system32\spoolsv.exe (1436)
______ C:\WINDOWS\system32\svchost.exe (240)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (596)
______ C:\Program Files\Bonjour\mDNSResponder.exe (632)
______ C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (660)
______ C:\Program Files\Symantec AntiVirus\DefWatch.exe (984)
______ C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe (1012)
______ C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (1076)
______ C:\ITOOLS\INTELL~1\private\ikusbsvc.exe (1172)
______ C:\Program Files\Java\jre6\bin\jqs.exe (1188)
______ C:\WINDOWS\System32\svchost.exe (1212)
______ C:\WINDOWS\System32\svchost.exe (1232)
______ C:\Program Files\Spyware Doctor\pctsAuxs.exe (1248)
______ C:\Program Files\Spyware Doctor\pctsSvc.exe (1516)
______ C:\PROGRA~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe (756)
______ C:\WINDOWS\system32\svchost.exe (780)
______ C:\Program Files\Symantec AntiVirus\Rtvscan.exe (808)
______ C:\WINDOWS\system32\TODDSrv.exe (960)
______ C:\WINDOWS\system32\wbem\wmiprvse.exe (2096)
______ C:\WINDOWS\System32\alg.exe (2536)
______ C:\WINDOWS\system32\wbem\unsecapp.exe (2548)
______ C:\WINDOWS\Explorer.EXE (2884)
______ C:\WINDOWS\RTHDCPL.EXE (3576)
______ C:\WINDOWS\system32\TPSMain.exe (3908)
______ C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (4048)
______ C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (564)
______ C:\WINDOWS\system32\ZoomingHook.exe (580)
______ C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (656)
______ C:\WINDOWS\system32\igfxtray.exe (712)
______ C:\WINDOWS\system32\TPSBattM.exe (716)
______ C:\WINDOWS\system32\hkcmd.exe (788)
______ C:\WINDOWS\system32\igfxpers.exe (1628)
______ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (1732)
______ C:\WINDOWS\system32\igfxsrvc.exe (264)
______ C:\Program Files\Crick Software\USBKeys2\USBKeys.exe (4080)
______ C:\Program Files\Common Files\Symantec Shared\ccApp.exe (2420)
______ C:\PROGRA~1\SYMANT~2\VPTray.exe (2468)
______ C:\Program Files\Winamp\winampa.exe (2520)
______ C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (2600)
______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (2820)
______ C:\Program Files\Synaptics\SynTP\SynToshiba.exe (2828)
______ C:\Program Files\Java\jre6\bin\jusched.exe (2924)
______ C:\Program Files\iTunes\iTunesHelper.exe (3108)
______ C:\Program Files\Spyware Doctor\pctsTray.exe (3220)
______ C:\WINDOWS\system32\ctfmon.exe (3984)
______ C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (3400)
______ C:\PROGRA~1\MI3AA1~1\wcescomm.exe (3664)
______ C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe (3700)
______ C:\Documents and Settings\phamilton\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (3580)
______ C:\Program Files\Type Booster\typebooster.exe (1056)
______ C:\Program Files\Registry Mechanic\RegMech.exe (216)
______ C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3872)
______ C:\PROGRA~1\MI3AA1~1\rapimgr.exe (708)
______ C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (3864)
______ C:\ITOOLS\IntelliKeys USB\private\iksystray.exe (1600)
______ C:\Program Files\SqueezeCenter\SqueezeTray.exe (2696)
______ C:\Program Files\iPod\bin\iPodService.exe (4068)
______ C:\PROGRA~1\SQUEEZ~1\server\SQUEEZ~1.EXE (2032)
______ C:\Program Files\WordWeb\wweb32.exe (3680)
______ C:\Program Files\Yuuguu\jre\bin\javaw.exe (380)
______ C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (3120)
______ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (2568)
______ C:\Program Files\Mozilla Firefox\firefox.exe (2260)
______ C:\Documents and Settings\phamilton\Desktop\Rooter.exe (3936)
¨
----------------------\\ Device\Harddisk0\
¨
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
¨
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:120031478784)
¨
----------------------\\ Scheduled Tasks
¨
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3341296880-2298546112-91892142-1356.job
C:\WINDOWS\Tasks\Norton PC Checkup Setup.job
C:\WINDOWS\Tasks\Norton Security Scan for phamilton.job
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\Tasks\WGASetup.job
¨
----------------------\\ Registry
¨
¨
----------------------\\ Files & Folders
¨
----------------------\\ Scan completed at 12:34.31
¨
C:\Rooter$\Rooter_1.txt - (12/06/2009 | 12:34.31)
OTL Log:
OTL logfile created on: 6/12/2009 12:36:12 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\phamilton\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 40.25% Memory free
3.33 Gb Paging File | 1.84 Gb Available in Paging File | 55.38% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 12.53 Gb Free Space | 11.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SETBC149373
Current User Name: phamilton
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe ()
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\ITOOLS\IntelliKeys USB\private\ikusbsvc.exe (IntelliTools, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\SqueezeCenter\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()
PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
PRC - C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
PRC - C:\WINDOWS\system32\ZoomingHook.exe (TOSHIBA)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Program Files\Crick Software\USBKeys2\USBKeys.exe (Crick Software Ltd)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Simple Star\PhotoShow 5\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
PRC - C:\Documents and Settings\phamilton\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Type Booster\typebooster.exe ()
PRC - C:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\ITOOLS\IntelliKeys USB\private\iksystray.exe (IntelliTools, Inc.)
PRC - C:\Program Files\SqueezeCenter\SqueezeTray.exe (SlimDevices - A Logitech Company)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\SqueezeCenter\server\squeezecenter.exe (SlimDevices - A Logitech Company)
PRC - C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
PRC - C:\Program Files\Yuuguu\jre\bin\javaw.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\phamilton\Desktop\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccPwdSvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CVPND [Auto | Running]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (FlipShare Service [Auto | Running]) -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe ()
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Stopped]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (ICDSPTSV [On_Demand | Stopped]) -- C:\WINDOWS\system32\IcdSptSv.exe (Sony Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (IJPLMSVC [Auto | Running]) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (IntelliKeys USB Service [Auto | Running]) -- C:\ITOOLS\IntelliKeys USB\private\ikusbsvc.exe (IntelliTools, Inc.)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService [On_Demand | Running]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (SavRoam [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
SRV - (sdAuxService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (sdCoreService [Auto | Running]) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (SerialKeys [On_Demand | Stopped]) -- C:\WINDOWS\system32\skeys.exe (Microsoft Corporation)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SPBBCSvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (SqueezeMySQL [Auto | Running]) -- C:\Program Files\SqueezeCenter\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()
SRV - (Symantec AntiVirus [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (TODDSrv [Auto | Running]) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (CVirtA [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\CVirtA.sys (Cisco Systems, Inc.)
DRV - (CVPNDRVA [Auto | Running]) -- C:\WINDOWS\system32\Drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (iastor75 [Boot | Running]) -- C:\WINDOWS\System32\drivers\iastor75.sys (Intel Corporation)
DRV - (ICDUSB2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\ICDUSB2.sys (Sony Corporation)
DRV - (ikfirm [Auto | Stopped]) -- C:\WINDOWS\system32\drivers\ikfirm.sys (IntelliTools, Inc.)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090605.003\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090605.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NETw4x32 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NETw4x32.sys (Intel Corporation)
DRV - (PCTCore [Boot | Running]) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTLE8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SAVRT [System | Running]) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Sentinel [Auto | Running]) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)
DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SymEvent [Disabled | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (tdcmdpst [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (tifm21 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (TPwSav [System | Running]) -- C:\WINDOWS\system32\drivers\TPwSav.sys (TOSHIBA )
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (vmm [System | Running]) -- C:\WINDOWS\system32\Drivers\vmm.sys (Microsoft Corporation)
DRV - (VPCNetS2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://setdata.setbc.org/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.setbc.org/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...rchSource=3&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...newswatch.com/"
FF - prefs.js..extensions.enabledItems: {81487e5d-d4e7-441b-b702-ab29eb3af951}:0.7.8
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.2.48
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {7529D455-3392-4a17-A489-0C737D1DBAC0}:3.5
FF - prefs.js..extensions.enabledItems: {D1517460-5F8F-11DB-B0DE-0800200CA666}:1.5
FF - prefs.js..extensions.enabledItems: {C12D2FDC-2ECA-42a5-BA3C-DB93E0E8B70A}:4.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.10
FF - prefs.js..extensions.enabledItems: {fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}:3.1.6.13
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {0B37872F-D59F-4b47-B2FD-F37E3F979437}:2.2
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {1f91cde0-c040-11da-a94d-0800200c9a66}:2.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.4
FF - prefs.js..extensions.enabledItems: {c07d1a49-9894-49ff-a594-38960ede8fb9}:3.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1b4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..extensions.enabledItems: {eb46c787-131a-4eb7-9b93-7f62ca550917}:0.3.5
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/02/16 20:26:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/13 03:16:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/06/12 11:02:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/06/12 11:02:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/06/03 11:57:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2009/06/03 11:57:02 | 00,000,000 | ---D | M]
[2008/05/06 14:39:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Extensions
[2008/09/18 10:40:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241}
[2008/04/26 12:19:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/05/06 14:39:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Extensions\[email protected]
[2009/06/11 18:46:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions
[2009/05/05 09:03:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{0B37872F-D59F-4b47-B2FD-F37E3F979437}
[2008/07/23 13:33:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}
[2009/05/17 07:06:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
[2008/04/26 12:52:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{39ac0860-bbd7-11db-96f2-005056c00008}
[2008/07/08 23:40:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{7529D455-3392-4a17-A489-0C737D1DBAC0}
[2009/06/03 22:57:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2008/07/08 01:35:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{81487e5d-d4e7-441b-b702-ab29eb3af951}
[2009/06/03 22:57:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}
[2008/05/23 02:45:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2008/07/08 23:40:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{C12D2FDC-2ECA-42a5-BA3C-DB93E0E8B70A}
[2008/07/08 23:40:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{D1517460-5F8F-11DB-B0DE-0800200CA666}
[2008/07/26 12:06:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{eb46c787-131a-4eb7-9b93-7f62ca550917}
[2008/05/21 21:44:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{f560e570-b373-11da-a94d-0800200c9a66}
[2008/12/24 11:49:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}
[2008/09/07 11:10:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2009/05/17 07:06:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2008/07/06 16:16:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2009/02/25 11:44:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2009/04/25 06:15:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2009/04/25 06:15:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2009/03/23 10:02:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2009/05/04 11:02:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\phamilton\Application Data\mozilla\Firefox\Profiles\vh6bre3x.default\extensions\[email protected]
[2008/12/20 19:31:28 | 00,002,463 | ---- | M] () -- C:\Documents and Settings\phamilton\Application Data\Mozilla\FireFox\Profiles\vh6bre3x.default\searchplugins\diigo--google.xml
[2008/11/07 22:19:06 | 00,002,479 | ---- | M] () -- C:\Documents and Settings\phamilton\Application Data\Mozilla\FireFox\Profiles\vh6bre3x.default\searchplugins\diigo-customize-search.xml
[2008/06/22 17:36:54 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\phamilton\Application Data\Mozilla\FireFox\Profiles\vh6bre3x.default\searchplugins\winamp-search.xml
[2009/06/11 18:46:31 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/12 11:02:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/05/08 14:36:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/07/30 14:18:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/13 03:16:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/01/11 20:05:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/04/25 15:08:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/12 11:01:59 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/12 11:02:00 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/12/02 05:04:40 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/02 05:04:40 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/02 05:04:40 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/02 05:04:40 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/12/02 05:04:40 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/02 05:04:40 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/02 05:04:40 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Page-Reader Bar) - {24AC2D89-8566-4A52-850A-24FAF8DF57E0} - C:\Program Files\Text-Reader programs\PageReaderBar\TRPageReaderBar_.dll ()
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {24AC2D89-8566-4A52-850A-24FAF8DF57E0} - C:\Program Files\Text-Reader programs\PageReaderBar\TRPageReaderBar_.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" (Symantec Corporation)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [USBKeys] C:\Program Files\Crick Software\USBKeys2\\USBKeys.exe -winstartup (Crick Software Ltd)
O4 - HKLM..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" ()
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKLM..\Run: [WordQ carat flag] C:\Program Files\WordQ2\WordQcrs.exe ()
O4 - HKLM..\Run: [ZoomingHook] ZoomingHook.exe (TOSHIBA)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\phamilton\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [Miro] C:\Program Files\Participatory Culture Foundation\Miro\Miro.exe File not found
O4 - HKCU..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H (PC Tools)
O4 - HKCU..\Run: [Simple Star PhotoShow Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKCU..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TypeBooster] "C:\Program Files\Type Booster\typebooster.exe" ()
O4 - HKLM..\RunOnce: [symPCCheckup] "C:\WINDOWS\system32\Adobe\Shockwave 11\symcheckupstub.exe" /reboot (Symantec Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\iksystray.lnk = C:\ITOOLS\IntelliKeys USB\private\iksystray.exe (IntelliTools, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SqueezeCenter Tray Tool.lnk = C:\Program Files\SqueezeCenter\SqueezeTray.exe (SlimDevices - A Logitech Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WordQCRS.lnk = C:\Program Files\WordQ2\WordQcrs.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O4 - Startup: C:\Documents and Settings\phamilton\Start Menu\Programs\Startup\palmOne Registration.lnk = C:\Program Files\palmOne\register.exe (palmOne/Leader Technologies)
O4 - Startup: C:\Documents and Settings\phamilton\Start Menu\Programs\Startup\Yuuguu.lnk = C:\Program Files\Yuuguu\jre\bin\javaw.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Page-Reader Bar - {4E10D7B3-6DD5-4f59-BE02-CF9BD8D7DCD2} - C:\Program Files\Text-Reader programs\PageReaderBar\TRPageReaderBar_.dll ()
O9 - Extra 'Tools' menuitem : Page-Reader Bar - {4E10D7B3-6DD5-4f59-BE02-CF9BD8D7DCD2} - Reg Error: Value error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {3713F92E-2252-4A87-868E-C5F17704D4C6} http://www.rockyou.c...ageUploader.cab (RockYou Image Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1198280295734 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = setbcad.local
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - application/xhtml+xml - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter: - application/xhtml+xml; charset=iso-8859-1 - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter: - application/xhtml+xml; charset=utf-8 - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml; charset=iso-8859-1 - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter: - text/xml; charset=utf-8 - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (CSGina.dll) - C:\WINDOWS\system32\CSGina.dll ()
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/16 16:56:34 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0062a29b-cd8c-11dd-91af-0013e874f5cb}\Shell - "" = AutoRun
O33 - MountPoints2\{0062a29b-cd8c-11dd-91af-0013e874f5cb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0062a29b-cd8c-11dd-91af-0013e874f5cb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com -- File not found
O33 - MountPoints2\{0062a29b-cd8c-11dd-91af-0013e874f5cb}\Shell\Open\command - "" = resycled\boot.com e:
O33 - MountPoints2\{0b15ce42-8420-11dd-918b-0013e874f5cb}\Shell\AutoRun\command - "" = E:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{0b15ce42-8420-11dd-918b-0013e874f5cb}\Shell\Setup FlipShare\command - "" = E:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{0bee2875-f3c3-11dd-91c2-0013e874f5cb}\Shell - "" = AutoRun
O33 - MountPoints2\{0bee2875-f3c3-11dd-91c2-0013e874f5cb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0bee2875-f3c3-11dd-91c2-0013e874f5cb}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{38562eda-a29e-11dd-919b-0013e874f5cb}\Shell\AutoRun\command - "" = E:\AccessApps\asuite.exe -- File not found
O33 - MountPoints2\{460187aa-1fef-11de-91e2-0013e874f5cb}\Shell - "" = AutoRun
O33 - MountPoints2\{460187aa-1fef-11de-91e2-0013e874f5cb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{460187aa-1fef-11de-91e2-0013e874f5cb}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b3d1f02f-bff9-11dd-91a7-0013e874f5cb}\Shell\AutoRun\command - "" = E:\.\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/12 12:32:08 | 00,000,000 | ---D | M]
========== Files/Folders - Created Within 30 Days ==========
[3 C:\Documents and Settings\phamilton\My Documents\*.tmp files]
[3 C:\Documents and Settings\phamilton\Desktop\*.tmp files]
[2009/06/12 12:34:31 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/12 12:32:08 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\phamilton\Desktop\OTL.exe
[2009/06/12 12:31:55 | 00,128,933 | ---- | C] (Eric_71) -- C:\Documents and Settings\phamilton\Desktop\Rooter.exe
[2009/06/12 12:06:54 | 00,000,370 | ---- | C] () -- C:\WINDOWS\tasks\Norton PC Checkup Setup.job
[2009/06/12 12:00:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2009/06/12 12:00:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2009/06/12 11:21:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Application Data\Malwarebytes
[2009/06/12 11:21:28 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/12 11:21:25 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/12 11:21:23 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/12 11:21:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/12 11:21:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/12 11:20:47 | 03,371,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\phamilton\Desktop\mbam-setup.exe
[2009/06/12 11:19:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/06/12 11:18:48 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\NTREGOPT.lnk
[2009/06/12 11:18:48 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\ERUNT.lnk
[2009/06/12 11:18:46 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/06/12 11:18:11 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\phamilton\Desktop\erunt_setup.exe
[2009/06/12 11:17:02 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\phamilton\Desktop\SysRestorePoint.exe
[2009/06/12 10:46:16 | 00,264,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\phamilton\Desktop\TFC.exe
[2009/06/11 18:48:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\GooredFixBackups
[2009/06/11 18:41:24 | 00,094,208 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\GooredFix.exe
[2009/06/11 11:39:08 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\HijackThis.lnk
[2009/06/11 11:39:07 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/11 11:39:01 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\phamilton\Desktop\HJTInstall.exe
[2009/06/11 08:13:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/06/11 08:13:36 | 00,001,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/06/11 08:13:27 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/06/11 08:13:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Application Data\SUPERAntiSpyware.com
[2009/06/11 08:12:42 | 06,357,024 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\SUPERAntiSpywarePro.exe
[2009/06/11 07:23:41 | 00,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/06/10 18:02:32 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/06/10 18:02:21 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/06/10 18:02:21 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/06/10 18:02:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/10 18:02:02 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/06/10 18:01:59 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/06/10 18:01:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/06/10 18:01:47 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/06/10 18:01:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Application Data\PC Tools
[2009/06/10 18:01:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/06/10 18:01:36 | 00,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/06/10 18:01:33 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\STKIT432.DLL
[2009/06/10 18:01:29 | 00,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2009/06/10 18:00:21 | 24,449,664 | ---- | C] (PC Tools ) -- C:\Documents and Settings\phamilton\Desktop\sdsetup.exe
[2009/06/10 16:52:19 | 00,110,459 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Reservation BC Ferries.pdf
[2009/06/10 08:13:47 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Event Proposal Form.xls
[2009/06/10 08:12:04 | 00,009,593 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Expense Report.pdf
[2009/06/10 08:11:52 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Expense Report.xls
[2009/06/10 08:09:57 | 00,040,307 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Event Proposal Form.pdf
[2009/06/08 09:03:42 | 14,379,492 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\ECOManual.pdf
[2009/06/08 06:57:31 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Songsheet for June 7th,2009.doc
[2009/06/07 17:56:16 | 25,935,229 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\June 7 Service.mp3
[2009/06/07 13:51:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\Flight - Comox to Ontario, May 1st
[2009/06/07 13:47:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\Backyard Courtenay with Lynn & Emma
[2009/06/07 12:14:18 | 00,027,296 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\June 7 Service.aup.bak
[2009/06/07 12:14:18 | 00,021,816 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\June 7 Service.aup
[2009/06/07 12:14:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\June 7 Service_data
[2009/06/07 10:02:39 | 00,000,636 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Audacity.lnk
[2009/06/05 18:15:42 | 00,001,737 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Yuuguu.lnk
[2009/06/05 18:15:42 | 00,001,699 | ---- | C] () -- C:\Documents and Settings\phamilton\Start Menu\Programs\Startup\Yuuguu.lnk
[2009/06/05 18:15:30 | 00,000,000 | ---D | C] -- C:\Program Files\Yuuguu
[2009/06/05 18:14:07 | 10,981,088 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\yuuguu-PC-installer.exe
[2009/06/05 16:00:30 | 00,768,562 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\wpc54g_v31_driver_4.100.15.5_Vista.exe
[2009/06/05 15:53:28 | 19,045,881 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\wpc54gv2_driver_utility_v2.02.zip
[2009/06/05 11:27:57 | 91,174,658 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\WPC54G_utility.zip
[2009/06/03 14:07:38 | 00,001,167 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ECO PASS 1.06.lnk
[2009/06/03 14:06:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Prentke Romich Company
[2009/06/03 13:51:02 | 11,418,1514 | ---- | C] (Prentke Romich Company ) -- C:\Documents and Settings\phamilton\Desktop\ECO_PASS_AEN_INSTALL.exe
[2009/06/03 12:50:11 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\phamilton\Desktop\~$llo John.doc
[2009/06/03 12:09:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\PHOTOS and Video Clips
[2009/06/03 12:00:15 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/06/03 12:00:11 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/06/03 12:00:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/06/03 11:57:50 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/06/03 11:55:10 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/03 11:55:05 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/06/03 09:10:19 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Hello John.doc
[2009/06/03 08:24:12 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009/06/03 08:24:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/06/03 08:23:20 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/06/03 08:22:48 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2009/06/03 08:22:09 | 00,121,329 | ---- | C] () -- C:\WINDOWS\hpoins15.dat
[2009/06/03 08:22:09 | 00,001,037 | ---- | C] () -- C:\WINDOWS\hpomdl15.dat
[2009/06/03 08:21:58 | 00,307,237 | ---- | C] () -- C:\WINDOWS\System32\autorun.inf
[2009/05/31 15:43:17 | 00,646,656 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\The Problem of Evil.ppt
[2009/05/31 15:43:12 | 00,100,864 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\pptannouncements May 24th 2009.ppt
[2009/05/28 14:30:02 | 00,028,994 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\CAP TSD.pdf
[2009/05/27 07:33:49 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft USB Flash Drive Manager
[2009/05/24 10:33:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\TarHeel Stories Complete
[2009/05/24 07:20:00 | 00,000,137 | ---- | C] () -- C:\WINDOWS\topocr.INI
[2009/05/24 07:19:32 | 00,000,000 | ---D | C] -- C:\Program Files\TopOCR
[2009/05/23 17:03:33 | 00,020,458 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\scan.hta
[2009/05/23 17:03:33 | 00,014,249 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\imsmanifest.xml
[2009/05/23 17:03:33 | 00,010,134 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\page.ico
[2009/05/23 17:03:33 | 00,001,558 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\Where's Your Heart.htm
[2009/05/23 17:03:33 | 00,000,047 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\autorun.inf
[2009/05/23 17:03:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\My Documents\Where's Your Heart_files
[2009/05/23 16:57:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\My Documents\Slides
[2009/05/23 16:57:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\My Documents\Audio
[2009/05/23 16:50:07 | 01,875,968 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\Where's Your Heart.MSProducer
[2009/05/23 16:05:26 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Producer 2
[2009/05/23 16:05:20 | 00,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2009/05/23 16:05:20 | 00,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2009/05/22 12:11:54 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\phamilton\My Documents\SD 85 Planning with Sue.doc
[2009/05/21 16:12:34 | 01,378,816 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\A_wrinkle_in_time-Chapter_1_KES.kes
[2009/05/17 16:27:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\phamilton\Desktop\To Ontario & With Family Part 1
[2009/05/17 13:03:31 | 00,899,965 | ---- | C] () -- C:\Documents and Settings\phamilton\Desktop\Vitamin_D_Introductory_Guide.pdf
[2009/03/18 11:13:35 | 00,000,023 | ---- | C] () -- C:\WINDOWS\SEBRAN.INI
[2009/01/13 17:28:40 | 00,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2009/01/11 20:36:35 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\IcdSptSvps.dll
[2009/01/11 20:36:34 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\trc.dll
[2009/01/11 20:36:34 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\dsp_trc.dll
[2008/12/13 03:11:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\DVEdit.INI
[2008/09/06 16:38:11 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/08/23 00:49:46 | 00,050,472 | ---- | C] () -- C:\WINDOWS\System32\KESIMapiStub.dll
[2008/08/15 12:12:21 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2008/08/15 05:51:37 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/08/15 05:51:37 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/08/15 05:51:35 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/08/15 05:48:39 | 00,000,107 | ---- | C] () -- C:\WINDOWS\VobEdit.INI
[2008/07/11 01:15:27 | 00,000,000 | ---- | C] () -- C:\WINDOWS\plclient.INI
[2008/05/29 14:06:51 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/05/16 08:54:50 | 00,233,525 | ---- | C] () -- C:\WINDOWS\System32\isutil.dll
[2008/05/16 08:54:49 | 00,000,271 | ---- | C] () -- C:\WINDOWS\apptune.ini
[2008/04/25 13:12:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/02/19 03:33:34 | 00,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2008/01/21 15:48:55 | 00,000,145 | ---- | C] () -- C:\WINDOWS\module.ini
[2008/01/21 13:39:16 | 00,000,520 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2008/01/18 21:07:24 | 00,000,024 | ---- | C] () -- C:\WINDOWS\Progs_.ini
[2008/01/18 21:02:36 | 00,000,058 | ---- | C] () -- C:\WINDOWS\WiViK3.ini
[2008/01/18 16:59:46 | 00,000,350 | ---- | C] () -- C:\WINDOWS\ITOOLS_X.INI
[2007/12/28 18:38:12 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/13 19:20:54 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/11/13 19:20:54 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/11/13 19:20:54 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/11/13 19:20:54 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/11/13 19:20:54 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/11/13 19:20:54 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/10/26 19:28:18 | 00,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007/10/26 19:28:04 | 00,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007/10/26 11:49:32 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2007/10/25 23:06:27 | 00,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/10/25 23:06:27 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4833.dll
[2007/07/25 13:34:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2007/07/24 10:42:19 | 00,000,165 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007/06/12 19:45:56 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2007/03/05 18:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/11/15 18:06:36 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\wa4jfw.dll
[2006/11/15 16:45:42 | 00,000,380 | ---- | C] () -- C:\WINDOWS\dcmuser.ini
[2006/01/05 22:49:34 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2006/01/05 21:36:22 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2006/01/04 14:59:52 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/08/26 19:21:48 | 00,221,259 | ---- | C] () -- C:\WINDOWS\System32\MD5.dll
[2004/08/04 01:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\zuklmua.dll
[2004/08/04 01:00:00 | 00,000,799 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 01:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/04 01:00:00 | 00,000,204 | ---- | C] () -- C:\WINDOWS\System32\o9ylm7l.dll
[2004/08/04 01:00:00 | 00,000,016 | -H-- | C] () -- C:\WINDOWS\System32\kg9088y.dll
[2004/08/04 01:00:00 | 00,000,016 | -H-- | C] () -- C:\WINDOWS\System32\eev2ern.dll
[2004/06/12 19:55:32 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\LAME_ENC.DLL
[2004/06/12 19:55:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\LameEncShim.dll
[2000/07/10 20:02:26 | 00,541,761 | ---- | C] () -- C:\WINDOWS\System32\Prdllw32.dll
[2000/07/10 20:01:10 | 00,243,425 | ---- | C] () -- C:\WINDOWS\System32\Pddllw32.dll
[1996/03/26 19:09:08 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\Pddllwnt.dll
[1995/08/23 18:45:58 | 00,002,016 | ---- | C] () -- C:\WINDOWS\Sg5w30.dll
[1995/08/23 18:45:54 | 00,214,899 | ---- | C] () -- C:\WINDOWS\Aplib2.dll
[1995/08/23 18:45:42 | 00,034,144 | ---- | C] () -- C:\WINDOWS\Aplib1.dll
[1995/08/23 18:45:40 | 00,006,784 | ---- | C] () -- C:\WINDOWS\Accupage.dll
========== Files - Modified Within 30 Days ==========
[3 C:\Documents and Settings\phamilton\My Documents\*.tmp files]
[3 C:\Documents and Settings\phamilton\Desktop\*.tmp files]
[2009/06/12 12:32:08 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\phamilton\Desktop\OTL.exe
[2009/06/12 12:31:56 | 00,128,933 | ---- | M] (Eric_71) -- C:\Documents and Settings\phamilton\Desktop\Rooter.exe
[2009/06/12 12:24:37 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/12 12:21:00 | 00,000,370 | ---- | M] () -- C:\WINDOWS\tasks\Norton PC Checkup Setup.job
[2009/06/12 12:08:43 | 00,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2009/06/12 12:06:37 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/06/12 12:05:54 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\phamilton\Local Settings\desktop.ini
[2009/06/12 12:04:59 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/06/12 12:04:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/12 12:04:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/12 12:04:01 | 21,374,44352 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/12 12:00:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\TPTray.INI
[2009/06/12 12:00:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\CeEKey.INI
[2009/06/12 11:31:38 | 00,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3341296880-2298546112-91892142-1356.job
[2009/06/12 11:21:28 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/12 11:20:49 | 03,371,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\phamilton\Desktop\mbam-setup.exe
[2009/06/12 11:18:48 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\NTREGOPT.lnk
[2009/06/12 11:18:48 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\ERUNT.lnk
[2009/06/12 11:18:11 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\phamilton\Desktop\erunt_setup.exe
[2009/06/12 11:17:03 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\phamilton\Desktop\SysRestorePoint.exe
[2009/06/12 10:46:18 | 00,264,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\phamilton\Desktop\TFC.exe
[2009/06/11 18:41:25 | 00,094,208 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\GooredFix.exe
[2009/06/11 11:39:08 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\HijackThis.lnk
[2009/06/11 11:23:08 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\phamilton\Desktop\HJTInstall.exe
[2009/06/11 08:13:36 | 00,001,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/06/11 08:12:43 | 06,357,024 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\SUPERAntiSpywarePro.exe
[2009/06/11 07:36:27 | 00,512,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/11 07:29:18 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/06/11 07:23:41 | 00,000,197 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2009/06/10 18:02:02 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2009/06/10 18:01:36 | 00,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk
[2009/06/10 18:00:37 | 24,449,664 | ---- | M] (PC Tools ) -- C:\Documents and Settings\phamilton\Desktop\sdsetup.exe
[2009/06/10 18:00:01 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for phamilton.job
[2009/06/10 16:52:26 | 00,110,459 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Reservation BC Ferries.pdf
[2009/06/10 10:20:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/10 08:13:47 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Event Proposal Form.xls
[2009/06/10 08:12:04 | 00,009,593 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Expense Report.pdf
[2009/06/10 08:11:52 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Expense Report.xls
[2009/06/10 08:09:59 | 00,040,307 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Event Proposal Form.pdf
[2009/06/09 21:50:30 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/06/08 09:04:23 | 14,379,492 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\ECOManual.pdf
[2009/06/08 06:58:12 | 00,021,816 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\June 7 Service.aup
[2009/06/08 06:57:32 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Songsheet for June 7th,2009.doc
[2009/06/07 17:58:36 | 25,935,229 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\June 7 Service.mp3
[2009/06/07 12:54:35 | 00,027,296 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\June 7 Service.aup.bak
[2009/06/07 10:02:39 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Audacity.lnk
[2009/06/05 18:15:42 | 00,001,737 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Yuuguu.lnk
[2009/06/05 18:15:42 | 00,001,699 | ---- | M] () -- C:\Documents and Settings\phamilton\Start Menu\Programs\Startup\Yuuguu.lnk
[2009/06/05 18:14:26 | 10,981,088 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\yuuguu-PC-installer.exe
[2009/06/05 16:00:30 | 00,768,562 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\wpc54g_v31_driver_4.100.15.5_Vista.exe
[2009/06/05 15:54:17 | 19,045,881 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\wpc54gv2_driver_utility_v2.02.zip
[2009/06/05 11:33:42 | 91,174,658 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\WPC54G_utility.zip
[2009/06/03 14:07:38 | 00,001,167 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ECO PASS 1.06.lnk
[2009/06/03 14:03:45 | 11,418,1514 | ---- | M] (Prentke Romich Company ) -- C:\Documents and Settings\phamilton\Desktop\ECO_PASS_AEN_INSTALL.exe
[2009/06/03 12:50:11 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\phamilton\Desktop\~$llo John.doc
[2009/06/03 11:48:49 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Hello John.doc
[2009/06/03 08:24:50 | 00,121,329 | ---- | M] () -- C:\WINDOWS\hpoins15.dat
[2009/06/02 12:28:24 | 00,000,803 | ---- | M] () -- C:\Documents and Settings\phamilton\Start Menu\Programs\Startup\palmOne Registration.lnk
[2009/06/01 13:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/31 15:43:18 | 00,646,656 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\The Problem of Evil.ppt
[2009/05/31 15:43:12 | 00,100,864 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\pptannouncements May 24th 2009.ppt
[2009/05/28 14:30:02 | 00,028,994 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\CAP TSD.pdf
[2009/05/28 05:34:57 | 00,000,137 | ---- | M] () -- C:\WINDOWS\topocr.INI
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/23 17:08:45 | 00,020,458 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\scan.hta
[2009/05/23 17:08:45 | 00,014,249 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\imsmanifest.xml
[2009/05/23 17:08:45 | 00,001,558 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\Where's Your Heart.htm
[2009/05/23 16:57:51 | 01,875,968 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\Where's Your Heart.MSProducer
[2009/05/22 12:26:16 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\phamilton\My Documents\SD 85 Planning with Sue.doc
[2009/05/21 17:32:37 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\KESI Virtual Port
[2009/05/21 16:12:36 | 01,378,816 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\A_wrinkle_in_time-Chapter_1_KES.kes
[2009/05/17 13:03:33 | 00,899,965 | ---- | M] () -- C:\Documents and Settings\phamilton\Desktop\Vitamin_D_Introductory_Guide.pdf
========== Alternate Data Streams ==========
@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
< End of report >
OTL Extras Log:
OTL Extras logfile created on: 6/12/2009 12:36:12 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\phamilton\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 40.25% Memory free
3.33 Gb Paging File | 1.84 Gb Available in Paging File | 55.38% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 12.53 Gb Free Space | 11.21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SETBC149373
Current User Name: phamilton
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"9000:TCP" = 9000:TCP:*:Enabled:SqueezeCenter 9000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:SqueezeCenter 9090 tcp (CLI)
"3483:UDP" = 3483:UDP:*:Enabled:SqueezeCenter 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:SqueezeCenter 3483 tcp
"80:TCP" = 80:TCP:*:Enabled:websrvx
"53:TCP" = 53:TCP:*:Enabled:websrvx
"8085:TCP" = 8085:TCP:*:Enabled:podmena
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb Application File not found
C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:Orb File not found
C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer (RealNetworks, Inc.)
C:\Program Files\Photo Story 3 for Windows\PhotoStory3.exe:*:Enabled:Photo Story 3 for Windows (Microsoft Corp.)
C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test (Microsoft Corporation)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
C:\Program Files\Kurzweil Educational Systems\Kurzweil 3000\Kurzweil 3000.exe:*:Enabled:Kurzweil 3000 (Kurzweil Educational Systems, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\Kurzweil Educational Systems\Kurzweil 3000\Kurzweil 3000.exe:*:Enabled:Kurzweil 3000 (Kurzweil Educational Systems, Inc.)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb File not found
C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray File not found
C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client File not found
C:\Program Files\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java Platform SE binary (Sun Microsystems, Inc.)
C:\Program Files\Java\jre1.6.0_07\bin\java.exe:*:Enabled:Java Platform SE binary (Sun Microsystems, Inc.)
C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer (RealNetworks, Inc.)
C:\Program Files\WinHTTrack\WinHTTrack.exe:*:Enabled:WinHTTrack Website Copier, Web Site mirroring for professional and private purposes (HTTrack)
C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe:*:Enabled:Miro_Downloader File not found
C:\Documents and Settings\phamilton\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player (Octoshape ApS)
C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary (Sun Microsystems, Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"{0313C46B-39DB-43AA-9A59-65140C5591AC}" = Flypaper
"{03DE8444-C8D0-4C7E-9434-673D88498E7B}" = VoiceText
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D2908C8-C538-4F06-ACDE-7ED4D3408CAF}" = WordQ 2
"{115696CE-3579-43E2-BB61-71B58A198F41}" = SpeakQ
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411" = CanoScan LiDE 70
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{155FBB0D-0EE9-42D1-9E41-15E08F691033}" = Microsoft Producer for Microsoft Office PowerPoint 2003
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 13
"{28DCED79-2257-3A6D-D8EE-47CB792393B0}" = NetBook Application
"{2A1E27FF-BE53-45B4-950F-060236E98E3D}" = TMPGEnc Plus 2.5
"{2C9E24F2-6008-4826-961F-F308F9152AE2}" = Clicker Paint US Standalone
"{2E97DE76-851A-48AA-A0D6-665860FAD9CA}" = Keyspan USB Serial Adapter
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{3295AFCE-FB46-4C37-8370-C7E6B1217FD5}" = VP Algebra
"{32F66A20-7614-11D4-BD11-00104BD3F987}" = MathPlayer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{3BDD70B7-0CAA-411B-BF2B-38080317B83D}" = MAGic 10.0
"{3D727061-E419-4851-95E2-49CAD5229D84}" = Crick Software USBKeys 2
"{3F692FA9-348B-4264-B4EA-DE6BFA45D8AE}" = Microsoft WorldWide Telescope
"{3F8EB641-6AD2-45DE-A8DD-91D7BDD39CDE}" = Microsoft USB Flash Drive Manager
"{3FADAA19-E595-44CA-A072-58B6B0851768}" = Norton Security Scan
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{549DF5F8-D7D3-40CE-A424-4FD17B0717CA}" = RealSpeak Solo 4.0 SAPI5 English/Spanish
"{57668A59-5A6E-4E5F-835E-34F7B8FF2F12}" = Clicker 5 English US Standalone
"{5A633ED0-E5D7-4D65-AB8D-53ED43510284}" = Symantec AntiVirus
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C8B32D9-8DDA-412F-8FD6-C56356D69FBB}" = Kurzweil 3000 v.11
"{6EC9AEA4-4B16-4C2B-B760-6F378A7577B6}" = Freedom Scientific Video Intercept
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{72BA5188-DF38-48DD-BB7D-C7D778890124}" = Freedom Scientific Talking Installer 8.0
"{7732DA71-2FB6-5C99-D0D9-58A2DB360895}" = FlipShare
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = Sentinel System Driver
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{7EADB65C-70E8-4C94-AD0A-221462D41A85}" = Camtasia Studio 5
"{804711DC-0886-11D7-AAC3-86FD5A8BD170}" = Minerva HPC2000
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{820F4F44-9B10-4A5D-ACC5-4BC2EA3FFEEE}" = Kurzweil 3000 v.10
"{82CA0A0C-A3EC-4167-B694-909205B2EDEC}" = muvee Plugin 1.0
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090
"{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}" = HP Photosmart All-In-One Software 9.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{918F5120-9982-4872-BB51-97D3BB560897}" = OpenOffice.org 3.0 Beta
"{967C1374-BCB3-42AA-AE08-A5C56A956ACE}" = Freedom Scientific Braille
"{969535CC-AFD3-4C9A-831A-D1A62957E759}" = Ghotit Context Spell Checker
"{975C8028-51D8-44A9-9585-82E9810FE96A}" = hp LaserJet 1000
"{9F705393-9451-43EA-9540-5D11AB7CEBA4}" = VP Arithmetic
"{9FAB7FA0-1BCC-4F37-9EAD-5C2F05C5EAA4}" = Freedom Scientific Document Server
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE}" = TOSHIBA Power Saver
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF187786-DF2E-4D26-BBFB-2BF3C5D372E0}" = TemplateMaker
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B0D1E9CD-0AFA-395C-56ED-ADFC53E0E16D}" = KIDOZ
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF22D9-6492-4E80-9838-B4763B819BC9}" = Audio Graphing Calculator
"{D4481AFF-4218-4CF0-A68C-87E9EBAE3B86}" = WordTalkInstall
"{D5278828-3232-4AED-8F24-14020F9748D4}" = Special Cursors
"{D74A3A69-851C-447E-83D1-702E60A7258D}" = Freedom Scientific JAWS 8.0
"{DA0BF7AB-88EB-4675-8FA1-531EAD938821}" = SnagIt 8
"{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}" = Dragon NaturallySpeaking 9
"{E066DE16-50F3-4A8C-953C-E67118894B2F}" = Scientific Notebook 5.5
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E2AE73B4-9A5C-41F9-8A38-1B48B855460B}" = Co:Writer SE
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ED8CCEA2-D5FB-498B-9F44-8FBBA07047AF}" = Click-N-Type
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F4DA19E5-A560-4313-8623-3493DCE3C681}" = Freedom Scientific Synthesizer Eloquence
"{FC6E3A15-4BB3-48E4-BE25-6D13C4379BA9}" = Write:OutLoud SE
"{FC98FBE9-E931-494C-8717-497185371033}" = Nero 7 Ultra Edition
"2+2 v.2.1a" = 2+2 v.2.1a
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Acoustica CD/DVD Label Maker" = Acoustica CD/DVD Label Maker
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Audacity_is1" = Audacity 1.2.6
"Boardmaker Plus!" = Boardmaker Plus!
"Camtasia Studio 3" = Camtasia Studio 3
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"ChatPC Editor" = ChatPC Editor
"Click'N Design 3D (V5)" = Click'N Design 3D (V5)
"com.myApp.NetBook.3AC0BB277CD6252F403A34D00E555927230DF2EF.1" = NetBook
"Community Signs for Windows ver.2.0" = Community Signs for Windows ver.2.0
"DSMT6" = MathType 6
"DVD Flick_is1" = DVD Flick
"DynaVox Palmtop-iChat Editor" = DynaVox Palmtop-iChat Editor
"DynaVox Series 4" = DynaVox Series 4
"DynaVox Series 5 Editing Software" = DynaVox Series 5 Editing Software
"ECO PASS 1.05_is1" = ECO PASS 1.05.0
"ECO PASS 1.06_is1" = ECO PASS 1.06.0
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.2.2.1
"Flickr Uploadr" = Flickr Uploadr 3.0.5
"FlickrDown" = FlickrDown
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FreeOCR.net" = FreeOCR.net
"FSVI" = Freedom Scientific Video Intercept
"Going to the Dentist 1.0" = Going to the Dentist 1.0
"Google Updater" = Google Updater
"Google Video Uploader" = Google Video Uploader
"GoogleVideoPlayer" = Google Video Player
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"ICS Template Installer" = ICS Template Installer
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{02EED746-8C5A-43C8-BB3D-D29C8B363A4D}" = TOSHIBA Zooming Utility
"InstallShield_{2A1E27FF-BE53-45B4-950F-060236E98E3D}" = TMPGEnc Plus 2.5
"InstallShield_{3295AFCE-FB46-4C37-8370-C7E6B1217FD5}" = VP Algebra
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"InstallShield_{9F705393-9451-43EA-9540-5D11AB7CEBA4}" = VP Arithmetic
"InstallShield_{A38D57D1-5F29-4691-B3DD-FE4B3A7B3AFE}" = TOSHIBA Power Saver
"IntelliKeys USB and IntelliSwitch" = IntelliKeys USB and IntelliSwitch
"IntelliTools Classroom Suite" = IntelliTools Classroom Suite
"IrfanView" = IrfanView (remove only)
"iSofter DVD Ripper Platinum_is1" = iSofter DVD Ripper Platinum 1.0.2006.912
"JAWS8.0" = Freedom Scientific JAWS 8.0
"Jigs@w Puzzle Promo Creator_is1" = Jigs@w Puzzle Promo Creator 2.1
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LastFM_is1" = Last.fm 1.5.1.29527
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Macromedia FlashPaper 2_is1" = Macromedia FlashPaper 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mathpad" = Mathpad
"MathPad Plus: Fractions and Decimals 1.03 for Windows" = MathPad Plus: Fractions and Decimals 1.03 for Windows
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"Mozilla Thunderbird (2.0.0.16)" = Mozilla Thunderbird (2.0.0.16)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MultiMail" = MultiMail
"MWSnap 3" = MWSnap 3
"Nemonika" = Nemonika 1.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{3FADAA19-E595-44CA-A072-58B6B0851768}" = Norton Security Scan (Symantec Corporation)
"Numbers Vol 1 1.0" = Numbers Vol 1 1.0
"Overlay Maker 3" = Overlay Maker 3
"Page-Reader Bar" = Page-Reader Bar
"Pathfinder PASS_is1" = Pathfinder PASS 3.00.1
"PDFCreator Toolbar" = PDFCreator Toolbar
"PhotoShow 5" = PhotoShow 5
"Picasa 3" = Picasa 3
"Pingus" = Pingus
"PowerTalk_is1" = PowerTalk 1.2.11
"PROPLUS" = Microsoft Office Professional Plus 2007
"RealPlayer 6.0" = RealPlayer
"Recuva" = Recuva (remove only)
"Registry Mechanic_is1" = Registry Mechanic 8.0
"Scratch" = Scratch
"Sight Words Buddy_is1" = Sight Words Buddy 1.0
"Sketch Effect" = Sketch Effect
"Slidestory" = Slidestory
"Sony Digital Voice Editor 2" = Sony Digital Voice Editor 2
"SpeedCrunch_is1" = SpeedCrunch 0.10
"SpringBoard PASS_is1" = SpringBoard PASS 3.03.2
"Spyware Doctor" = Spyware Doctor 6.0
"SqueezeCenter_is1" = SqueezeCenter 7.3.2
"SwitchIt! Maker 2" = SwitchIt! Maker 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Early Learning Suite_is1" = The Learning Suite 2.1.1
"The Most Commonly Used Words" = The Most Commonly Used Words
"TopOCR" = TopOCR 3.1
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Tux Paint Stamps_is1" = Tux Paint Stamps 2007-11-21
"Tux Paint_is1" = Tux Paint 0.9.15
"Type Booster_is1" = Type Booster 2.8
"UnityWebPlayer" = Unity Web Player
"Vantage-Vanguard PASS 5.00.0_is1" = Vantage-Vanguard PASS 5.00.0
"Vantage-Vanguard PASS_is1" = Vantage-Vanguard PASS 4.03.2
"Vu-Bar" = Vu-Bar
"VV_Outloud_40_En_US" = IBM ViaVoice Outloud Runtime v4.0 - US English
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.42-3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WordWeb" = WordWeb
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XMind" = XMind
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yuuguu" = Yuuguu
"Zac Browser English" = Zac Browser English
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
"fe22c98b1da9cae8" = Ginger Spell
"Google Chrome" = Google Chrome
"Molecular Workbench V2.0" = Molecular Workbench V2.0
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 6/11/2009 10:29:09 AM | Computer Name = SETBC149373 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 6/11/2009 5:38:23 PM | Computer Name = SETBC149373 | Source = Google Update | ID = 20
Description =
Error - 6/11/2009 6:28:35 PM | Computer Name = SETBC149373 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 6/12/2009 4:12:46 AM | Computer Name = SETBC149373 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 6/12/2009 9:53:51 AM | Computer Name = SETBC149373 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 6/12/2009 9:54:32 AM | Computer Name = SETBC149373 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 6/12/2009 9:55:26 AM | Computer Name = SETBC149373 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 6/12/2009 11:04:50 AM | Computer Name = SETBC149373 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 6/12/2009 11:05:28 AM | Computer Name = SETBC149373 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 6/12/2009 11:05:55 AM | Computer Name = SETBC149373 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
[ OSession Events ]
Error - 8/11/2008 7:14:46 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/12/2008 12:19:17 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 61462
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/12/2008 6:12:51 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 100438
seconds with 300 seconds of active time. This session ended with a crash.
Error - 9/18/2008 6:39:11 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5304
seconds with 480 seconds of active time. This session ended with a crash.
Error - 9/25/2008 6:02:54 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 105902
seconds with 7680 seconds of active time. This session ended with a crash.
Error - 12/1/2008 5:33:02 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6324.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 87575
seconds with 960 seconds of active time. This session ended with a crash.
Error - 12/8/2008 2:19:48 AM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 288812
seconds with 8100 seconds of active time. This session ended with a crash.
Error - 1/8/2009 8:15:38 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 276241
seconds with 1800 seconds of active time. This session ended with a crash.
Error - 5/12/2009 12:40:38 PM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 233396
seconds with 2460 seconds of active time. This session ended with a crash.
Error - 5/21/2009 5:07:20 AM | Computer Name = SETBC149373 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 599791
seconds with 14940 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/11/2009 8:52:02 PM | Computer Name = SETBC149373 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.
Error - 6/11/2009 9:27:05 PM | Computer Name = SETBC149373 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.
Error - 6/11/2009 9:27:05 PM | Computer Name = SETBC149373 | Source = PlugPlayManager | ID = 12
Description = The device 'HL-DT-ST DVDRAM GSA-T20N' (IDE\CdRomHL-DT-ST_DVDRAM_GSA-T20N________________WT03____\324b37464b373031333320322020202020202020)
disappeared from the system without first being prepared for removal.
Error - 6/12/2009 4:12:09 AM | Computer Name = SETBC149373 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain SETBCAD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 6/12/2009 6:15:02 AM | Computer Name = SETBC149373 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.
Error - 6/12/2009 8:13:50 AM | Computer Name = SETBC149373 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain SETBCAD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 6/12/2009 9:53:51 AM | Computer Name = SETBC149373 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain SETBCAD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 6/12/2009 9:54:27 AM | Computer Name = SETBC149373 | Source = Service Control Manager | ID = 7000
Description = The ikfirm service failed to start due to the following error: %%1058
Error - 6/12/2009 11:04:49 AM | Computer Name = SETBC149373 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain SETBCAD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 6/12/2009 11:05:23 AM | Computer Name = SETBC149373 | Source = Service Control Manager | ID = 7000
Description = The ikfirm service failed to start due to the following error: %%1058
< End of report >