Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

CPU/Paging File usage very high - Slow/Freeze/Crashing computer

Started by jcricket , Jun 25 2009 06:11 AM

Please log in to reply

#1
jcricket

Posted 25 June 2009 - 06:11 AM

New Member

Member
8 posts

Hello! My computer has been getting progressively slower for the past 6 months. I've noticed that the CPU usage is extremely high quite often, and so too is the paging file. The computer has gotten the "blue screen of death" twice in the past month. It has frozen up and crashed numerous other times. Startup is very slow, and it makes a bunch of noise when it is starting up for the first 10 minutes. Then it dies down a bit, but it still sounds like it is working hard, and sometimes I can't even get the internet to load at all.

I have a Dell Dimension DM051 Intel® Pentium ® D CPU 2.80 GHz, 1.00GB RAM. Microsoft Windows XP Profesional Version 2002 Service Pack 3.

I dont' know if the problem is a virus or a hardware problem, and I am very scared of losing all my files. Plus it is making it very difficult to get my work done on the computer.

I have gone through your Malware and Spyware cleaning guide and here are the results: ( I will post the logs each in a different post...hopefully that will be easier to read)

THANK YOU SO MUCH IN ADVANCE FOR YOUR HELP! about 5 years ago my computer in college got a bad virus and your site was the only thing that saved it. I look forward to working with you again.

#2
jcricket

Posted 25 June 2009 - 06:13 AM

New Member

Topic Starter
Member
8 posts

Malwarebytes' Anti-Malware 1.38
Database version: 2318
Windows 5.1.2600 Service Pack 3

6/21/2009 11:01:23 AM
mbam-log-2009-06-21 (11-01-23).txt

Scan type: Quick Scan
Objects scanned: 110590
Time elapsed: 5 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 28
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gadcom (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\documents and settings\Nikhila Deo\Application Data\gadcom (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully.
c:\documents and settings\Nikhila Deo\Application Data\Twain (Trojan.Matcash) -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\nikhila deo\application data\gadcom\gadcom.exe (Trojan.Agent) -> Quarantined and deleted successfully.

#3
jcricket

Posted 25 June 2009 - 06:13 AM

New Member

Topic Starter
Member
8 posts

Rooter.exe (v1.0.1) by Eric_71
¨
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
32_bits - x86 Family 15 Model 4 Stepping 7, GenuineIntel
¨
C:\ [Fixed-NTFS] .. ( Total:229 Go - Free:185 Go )
D:\ [CD_Rom]
H:\ [Removable]
¨
Scan : 12:26.46
Path : C:\Documents and Settings\Nikhila Deo\Desktop\G2G\Rooter.exe
User : Nikhila Deo ( Administrator -> YES )
¨
----------------------\\ Processes
¨
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (828)
______ \??\C:\WINDOWS\system32\csrss.exe (876)
______ \??\C:\WINDOWS\system32\winlogon.exe (904)
______ C:\WINDOWS\system32\services.exe (948)
______ C:\WINDOWS\system32\lsass.exe (960)
______ C:\WINDOWS\system32\Ati2evxx.exe (1164)
______ C:\WINDOWS\system32\svchost.exe (1184)
______ C:\WINDOWS\system32\svchost.exe (1236)
______ C:\WINDOWS\System32\svchost.exe (1380)
______ C:\WINDOWS\system32\svchost.exe (1472)
______ C:\WINDOWS\system32\svchost.exe (1688)
______ C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (1760)
______ C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (1800)
______ C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (1904)
______ C:\WINDOWS\system32\spoolsv.exe (1964)
______ C:\WINDOWS\system32\svchost.exe (208)
______ C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe (240)
______ C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe (272)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (336)
______ C:\Program Files\Bonjour\mDNSResponder.exe (352)
______ C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (396)
______ C:\Program Files\Symantec AntiVirus\DefWatch.exe (612)
______ C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (680)
______ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (716)
______ C:\WINDOWS\system32\HPZipm12.exe (784)
______ C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe (844)
______ C:\Program Files\Dell Support Center\bin\sprtsvc.exe (880)
______ C:\WINDOWS\system32\svchost.exe (1572)
______ C:\Program Files\Symantec AntiVirus\Rtvscan.exe (1600)
______ C:\Program Files\Viewpoint\Common\ViewpointService.exe (628)
______ C:\Program Files\Canon\CAL\CALMAIN.exe (1672)
______ C:\WINDOWS\System32\alg.exe (2524)
______ C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (3452)
______ C:\WINDOWS\Explorer.EXE (580)
______ C:\WINDOWS\stsystra.exe (2652)
______ C:\Program Files\Dell\Media Experience\DMXLauncher.exe (2728)
______ C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (1584)
______ C:\WINDOWS\System32\DLA\DLACTRLW.EXE (2784)
______ C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (2864)
______ C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (2896)
______ C:\Program Files\Common Files\Symantec Shared\ccApp.exe (2244)
______ C:\PROGRA~1\SYMANT~1\VPTray.exe (3024)
______ C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe (3148)
______ C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe (1440)
______ C:\Program Files\QuickTime\QTTask.exe (3224)
______ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (384)
______ C:\Program Files\Dell Support Center\bin\sprtcmd.exe (3272)
______ C:\Program Files\iTunes\iTunesHelper.exe (3472)
______ C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (3500)
______ C:\WINDOWS\system32\ctfmon.exe (3504)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3524)
______ C:\Program Files\DellSupport\DSAgnt.exe (3568)
______ C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (3640)
______ C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe (3676)
______ C:\Program Files\Upromise\dca-ua.exe (3808)
______ C:\Program Files\Upromise\UpromiseTray.exe (3900)
______ C:\Program Files\Palm\AlarmApp.exe (1732)
______ C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe (476)
______ C:\Program Files\Digital Line Detect\DLG.exe (484)
______ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (1656)
______ C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (1364)
______ C:\Program Files\iPod\bin\iPodService.exe (2304)
______ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3724)
______ C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe (5368)
______ C:\Program Files\Internet Explorer\iexplore.exe (5012)
______ C:\Program Files\Internet Explorer\iexplore.exe (5132)
______ C:\Program Files\comcasttb\CIDGlobalLight.exe (1232)
______ C:\Program Files\Internet Explorer\iexplore.exe (4864)
______ C:\Documents and Settings\Nikhila Deo\Desktop\G2G\Rooter.exe (1056)
¨
----------------------\\ Device\Harddisk0\
¨
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
¨
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:57544704)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:57576960 | Length:246709048320)
\Device\Harddisk0\Partition3 (Start_Offset:246766625280 | Length:3224309760)
¨
----------------------\\ Scheduled Tasks
¨
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
¨
----------------------\\ Registry
¨
¨
----------------------\\ Files & Folders
¨
----------------------\\ Scan completed at 12:27.26
¨
C:\Rooter$\Rooter_1.txt - (21/06/2009 | 12:27.26)

#4
jcricket

Posted 25 June 2009 - 06:14 AM

New Member

Topic Starter
Member
8 posts

OTL logfile created on: 6/21/2009 12:28:50 PM - Run 1
OTL by OldTimer - Version 3.0.2.0 Folder = C:\Documents and Settings\Nikhila Deo\Desktop\G2G
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 374.18 Mb Available Physical Memory | 36.61% Memory free
1.88 Gb Paging File | 1.30 Gb Available in Paging File | 69.22% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 185.87 Gb Free Space | 80.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D1CC2LB1
Current User Name: Nikhila Deo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
PRC - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe ()
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (CA, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\HPZipm12.exe (HP)
PRC - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
PRC - C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe ()
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe ()
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
PRC - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
PRC - C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
PRC - C:\Program Files\Upromise\UpromiseTray.exe ()
PRC - C:\Program Files\Palm\AlarmApp.exe (Palm, Inc.)
PRC - C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe (DataViz, Inc.)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Documents and Settings\Nikhila Deo\Desktop\G2G\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AntiSpywareService [Auto | Running]) -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe ()
SRV - (AOL ACS [Auto | Running]) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (CVPND [Auto | Running]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (ITMRTSVC [Auto | Running]) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (CA, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NetSvc [On_Demand | Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Unknown | Running]) -- C:\WINDOWS\System32\HPZipm12.exe (HP)
SRV - (SavRoam [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
SRV - (SPBBCSvc [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (sprtsvc_ddoctorv2 [Auto | Running]) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (sprtsvc_dellsupportcenter [Auto | Running]) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (Symantec AntiVirus [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (spupdsvc [Auto | Stopped]) -- C:\WINDOWS\System32\spupdsvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ASCTRM [Auto | Running]) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (CVirtA [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\CVirtA.sys (Cisco Systems, Inc.)
DRV - (CVPNDRVA [Auto | Running]) -- C:\WINDOWS\System32\Drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DNE [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (DSproct [On_Demand | Running]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090620.025\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090620.025\NAVEX15.SYS (Symantec Corporation)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PalmUSBD [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (SAVRT [System | Running]) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (vsdatant [On_Demand | Stopped]) -- C:\WINDOWS\System32\vsdatant.sys (Zone Labs LLC)
DRV - (wanatw [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.m...en-US:official"

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008/11/21 18:59:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008/11/21 18:59:11 | 00,000,000 | ---D | M]

[2009/06/12 17:29:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nikhila Deo\Application Data\mozilla\Firefox\Profiles\ktu0hb49.default\extensions
[2009/06/10 00:29:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Nikhila Deo\Application Data\mozilla\Firefox\Profiles\ktu0hb49.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/06/12 17:29:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/04/24 12:10:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/11/21 18:59:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/05/10 13:04:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/11/21 18:59:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2008/04/30 22:54:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2008/11/21 18:59:03 | 00,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2008/11/21 18:59:04 | 00,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2008/11/21 18:59:04 | 00,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll
[2008/11/21 18:59:04 | 00,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll
[2008/11/21 18:59:04 | 00,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2008/11/21 18:59:10 | 00,022,664 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/07/09 01:23:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008/07/09 01:23:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008/07/09 01:23:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008/07/09 01:23:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008/07/09 01:23:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/07/09 01:23:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008/07/09 01:23:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/03/24 20:21:00 | 02,889,088 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2008/04/30 22:54:45 | 00,001,514 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/04/30 22:54:45 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/01 11:50:26 | 00,004,946 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\comcast.xml
[2008/04/30 22:54:45 | 00,001,038 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/04/30 22:54:45 | 00,001,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/04/30 22:54:45 | 00,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/04/30 22:54:45 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Upromise\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Upromise TurboSaver) - {EDC0F17F-F4B7-47e4-B73E-887FAEB376FA} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Upromise TurboSaver) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MSKDetectorExe] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [DellSupport] File not found
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [ISMModule2] C:\Program Files\ISM\ISMModule2.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Twain] C:\Documents and Settings\Nikhila Deo\Application Data\Twain\Twain.exe File not found
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - HKCU..\Run: [Upromise Tray] C:\Program Files\Upromise\UpromiseTray.exe ()
O4 - HKCU..\Run: [Upromise Update] C:\Program Files\Upromise\dca-ua.exe (Compete Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Alarm Manager.LNK = C:\Program Files\Palm\AlarmApp.exe (Palm, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe (DataViz, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Upromise TurboSaver - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - C:\Program Files\Upromise\upromisetoolbar.dll (Upromise, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: amaena.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: antimalwareguard.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: antispyexpert.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: avsystemcare.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: gomyhit.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: imageservr.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: imagesrvr.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: onerateld.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: safetydownload.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: spyguardpro.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: storageguardsoft.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: trustedantivirus.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: virusremover2008.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: virusschlacht.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: amaena.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: antimalwareguard.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: antispyexpert.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: avsystemcare.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: gomyhit.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: imageservr.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: imagesrvr.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: onerateld.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: safetydownload.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: spyguardpro.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: storageguardsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: trustedantivirus.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: virusremover2008.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: virusschlacht.com ([]* in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.242 68.87.71.226 68.87.64.196
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\System32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4f2e71ed-3787-11de-b083-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{4f2e71ed-3787-11de-b083-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4f2e71ed-3787-11de-b083-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8c57e214-7e1e-11db-b002-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{8c57e214-7e1e-11db-b002-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8c57e214-7e1e-11db-b002-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/06/21 12:27:26 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/21 12:05:51 | 00,000,142 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/06/21 12:04:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/06/21 11:53:29 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/06/21 11:53:28 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/06/21 11:53:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/21 11:52:16 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/06/21 11:49:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/06/21 10:54:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nikhila Deo\Application Data\Malwarebytes
[2009/06/21 10:54:08 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/21 10:54:06 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/21 10:54:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/21 10:54:05 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/21 10:52:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/06/21 10:51:46 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/06/21 10:32:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nikhila Deo\Desktop\G2G
[2009/06/18 17:58:00 | 00,000,316 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Access Your Email at UVa.url
[2009/06/17 19:04:06 | 03,130,066 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Practice%20Cases.pdf
[2009/06/14 18:26:26 | 00,017,690 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\NDeo Step2CS Pass.PDF
[2009/06/14 11:13:03 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Sedation.doc
[2009/06/13 22:51:25 | 00,072,499 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\My Documents\salliemae offer.pdf
[2009/06/12 22:32:05 | 00,329,157 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\2009 Final version-resident orientation packet.docx
[2009/06/12 01:15:07 | 00,126,889 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\NRP Certification.pdf
[2009/06/12 00:47:14 | 00,027,711 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Form_FinalReference.pdf
[2009/06/11 21:40:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nikhila Deo\Desktop\netlearning
[2009/06/11 19:51:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nikhila Deo\Application Data\upromise
[2009/06/11 19:51:15 | 00,000,000 | ---D | C] -- C:\Program Files\Upromise
[2009/06/11 19:42:29 | 00,121,901 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Spring 2009 Health Insurance Waiver Form.pdf
[2009/06/11 11:08:19 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Comcast Security.url
[2009/06/11 11:08:19 | 00,000,117 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Comcast Email.url
[2009/06/11 11:08:18 | 00,015,086 | ---- | C] () -- C:\WINDOWS\ComcastEmail.ico
[2009/06/11 11:08:18 | 00,007,982 | ---- | C] () -- C:\WINDOWS\ComcastSecurity.ico
[2009/06/11 11:08:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nikhila Deo\Application Data\CallingID
[2009/06/11 11:08:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2009/06/11 11:08:02 | 00,000,000 | ---D | C] -- C:\Program Files\CA
[2009/06/11 11:07:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Nikhila Deo\Application Data\comcasttb
[2009/06/11 11:07:32 | 00,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2009/06/11 11:07:06 | 00,001,960 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/06/11 11:06:41 | 00,000,000 | ---D | C] -- C:\Program Files\Comcast
[2009/06/11 10:55:05 | 00,001,003 | ---- | C] () -- C:\net_save.dna
[2009/06/11 10:54:48 | 00,000,000 | ---D | C] -- C:\Program Files\support.com
[2009/05/28 14:57:59 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Intern block schedule.xls
[2009/05/24 12:48:26 | 00,517,829 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Nikhilala_Deo.pdf
[2009/05/23 15:27:18 | 00,113,997 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Furniture 003.jpg
[2009/05/23 15:25:22 | 00,115,803 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Furniture 002.jpg
[2009/05/23 15:25:12 | 00,112,506 | ---- | C] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Furniture 001.jpg
[2007/07/14 11:15:53 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/06/05 08:24:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/04/04 11:24:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/01/21 22:11:50 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/08 22:23:19 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/19 16:39:22 | 00,029,752 | ---- | C] () -- C:\WINDOWS\System32\InstHelper.dll
[2006/12/19 16:38:50 | 00,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006/12/19 16:38:48 | 00,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006/12/05 00:55:53 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\6733694DDC.sys
[2006/11/26 22:10:41 | 00,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/11/26 22:10:41 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\DC4D693367.sys
[2006/08/04 03:43:05 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/04 03:37:17 | 00,000,124 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/04 03:05:54 | 00,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 08:56:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/11 17:24:19 | 00,000,884 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:11:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 17:00:37 | 00,000,783 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/11 17:00:35 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 03:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/06/21 12:06:05 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/21 12:05:51 | 00,000,142 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2009/06/21 11:58:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/21 11:58:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/21 11:58:28 | 10,717,96224 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/21 11:53:26 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/06/20 22:40:50 | 00,004,184 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/06/20 22:40:47 | 00,000,088 | RHS- | M] () -- C:\WINDOWS\System32\6733694DDC.sys
[2009/06/19 15:16:06 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/18 17:58:00 | 00,000,316 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Access Your Email at UVa.url
[2009/06/17 19:04:06 | 03,130,066 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Practice%20Cases.pdf
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/14 18:26:47 | 00,017,690 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\NDeo Step2CS Pass.PDF
[2009/06/14 14:41:11 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Intern block schedule.xls
[2009/06/14 14:19:17 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Sedation.doc
[2009/06/13 23:37:20 | 00,050,176 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/13 22:51:26 | 00,072,499 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\My Documents\salliemae offer.pdf
[2009/06/12 22:32:07 | 00,329,157 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\2009 Final version-resident orientation packet.docx
[2009/06/12 03:18:22 | 00,325,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/12 01:15:07 | 00,126,889 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\NRP Certification.pdf
[2009/06/12 00:47:14 | 00,027,711 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Form_FinalReference.pdf
[2009/06/11 19:42:31 | 00,121,901 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Spring 2009 Health Insurance Waiver Form.pdf
[2009/06/11 11:08:19 | 00,000,136 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Comcast Security.url
[2009/06/11 11:08:19 | 00,000,117 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Comcast Email.url
[2009/06/11 11:07:06 | 00,001,960 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Doctor.lnk
[2009/06/11 10:55:05 | 00,001,003 | ---- | M] () -- C:\net_save.dna
[2009/06/10 00:27:55 | 00,445,630 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/06/10 00:27:55 | 00,384,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/06/10 00:27:55 | 00,054,280 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/06/01 11:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/24 12:48:33 | 00,517,829 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Nikhilala_Deo.pdf
[2009/05/23 16:39:53 | 00,113,997 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Furniture 003.jpg
[2009/05/23 16:39:52 | 00,115,803 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Furniture 002.jpg
[2009/05/23 16:39:52 | 00,112,506 | ---- | M] () -- C:\Documents and Settings\Nikhila Deo\Desktop\Furniture 001.jpg
< End of report >

#5
jcricket

Posted 25 June 2009 - 06:14 AM

New Member

Topic Starter
Member
8 posts

OTL Extras logfile created on: 6/21/2009 12:28:50 PM - Run 1
OTL by OldTimer - Version 3.0.2.0 Folder = C:\Documents and Settings\Nikhila Deo\Desktop\G2G
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 374.18 Mb Available Physical Memory | 36.61% Memory free
1.88 Gb Paging File | 1.30 Gb Available in Paging File | 69.22% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.77 Gb Total Space | 185.87 Gb Free Space | 80.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D1CC2LB1
Current User Name: Nikhila Deo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL (America Online, Inc.)
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL (America Online, Inc)
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL (America Online, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL (America Online, Inc)
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL (America Online, Inc.)
C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL (America Online, Inc.)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader (AOL LLC)
C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM (AOL LLC)
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe ()
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe ( )
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\2008FredV2Step2\FredV2Orient.exe:*:Enabled:FredV2Orient ()
C:\Program Files\2008FredV2Step2\NED.exe:*:Enabled:NBME Exam Driver (NBME)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{33CFCF98-F8D6-4549-B469-6F4295676D83}" = Symantec AntiVirus
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{91E30409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9F70BF98-003C-491D-81FC-FF9792206AF0}" = iTunes
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ADAED43C-BBD9-42C5-8B21-F4FBFA81E3C3}" = Palm
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C41F4616-44B6-4E8D-BFC7-4267862A2CE1}" = CinepPlayer 30 Update
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CA369778-C46D-4656-86B7-E28FD98A30BD}" = 2008FredV2Step2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB5B812D-D433-4B9C-97A0-6B291A73F4DB}" = FRED
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB807EB6-5179-48B7-98D4-7B4934A57A81}" = Documents To Go
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EF0E9E8C-24B0-4BEC-A255-9B6819C5B21F}" = FRED
"{F05A5232-CE5E-4274-AB27-44EB8105898D}" = CA Pest Patrol Realtime Protection
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F445476A-42DE-11D4-80D0-00C04F2750A6}" = Epocrates Essentials
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA" = SCRABBLE
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_6.0" = AIM 6.0
"AOL Connectivity Services" = AOL Connectivity Services
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AOLCoach" = AOL Coach Version 1.0(Build:20040229.1 en)
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"comcasttb" = Comcast Toolbar 3.0
"CSCLIB" = Canon Camera Support Core Library
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"DivX Content Uploader" = DivX Content Uploader
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"Google Desktop" = Google Desktop
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (2.0.0.18)" = Mozilla Firefox (2.0.0.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"PROSet" = Intel® PRO Network Connections Drivers
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer Basic
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Stedman's Medical Dictionary for the Health Professions and Nursing" = Stedman's Medical Dictionary for the Health Professions and Nursing 1.0
"StreetPlugin" = Learn2 Player (Uninstall Only)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Upromise TurboSaver" = Upromise TurboSaver (remove only)
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Photos Drag-Drop Uploader 1v7" = Yahoo! Photos Easy Upload Tool 1v7
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Usmleworld Step2 QBank" = Usmleworld Step2 QBank

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Process Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Thread Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Thread Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Thread Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Thread Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Thread Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 11:33:10 AM | Computer Name = D1CC2LB1 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec
AntiVirus\VPTray.exe Event Info: Terminate Thread Action Taken: Blocked Actor Process:
C:\Documents and Settings\Nikhila Deo\Desktop\G2G\TFC.exe (PID 224) Time: Sunday,
June 21, 2009 10:33:10 AM

Error - 6/21/2009 1:07:32 PM | Computer Name = D1CC2LB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/21/2009 1:07:32 PM | Computer Name = D1CC2LB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/21/2009 1:25:34 PM | Computer Name = D1CC2LB1 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 6/10/2009 4:07:05 PM | Computer Name = D1CC2LB1 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 30 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 6/10/2009 4:07:05 PM | Computer Name = D1CC2LB1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 30 minutes. NtpClient has no source of accurate
time.

Error - 6/10/2009 4:37:05 PM | Computer Name = D1CC2LB1 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 60 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 6/10/2009 4:37:05 PM | Computer Name = D1CC2LB1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 60 minutes. NtpClient has no source of accurate
time.

Error - 6/17/2009 2:19:57 AM | Computer Name = D1CC2LB1 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 6/17/2009 2:24:24 AM | Computer Name = D1CC2LB1 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 6/17/2009 2:28:21 AM | Computer Name = D1CC2LB1 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 6/18/2009 6:41:42 PM | Computer Name = D1CC2LB1 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 6/19/2009 7:04:55 AM | Computer Name = D1CC2LB1 | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 6/21/2009 11:46:11 AM | Computer Name = D1CC2LB1 | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 00000000, parameter3
ee2a554c, parameter4 00000000.

< End of report >