Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

DCOM server process launcher terminated and Generic host process for w


  • Please log in to reply

#1
taylee26

taylee26

    New Member

  • Member
  • Pip
  • 1 posts
I am new at this I have multiple problems my computer keeps coming up with a message saying Windows has closed this program Data execution prevention - Generic host process for win32 services. And also I keep getting DCOM server process launcher terminated unexpectedly. I followed the steps that are posted but I can't get GMER rootkit scanner to work it runs for 7hours and wont let me save the file it always locks up on me. So I am posting the files that I was able to get. Please help I don't know what to do and really need my computer to work. Also every time I run AVG free it says I have the same virus every time and I cant get rid of it. The virus is trojan horse Vundo.JU


Malwarebytes' Anti-Malware 1.44
Database version: 3539
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

1/21/2010 8:14:23 AM
mbam-log-2010-01-21 (08-14-23).txt

Scan type: Quick Scan
Objects scanned: 124718
Time elapsed: 5 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



OTL logfile created on: 1/21/2010 5:16:05 PM - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Documents and Settings\Tammy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 136.67 Gb Total Space | 83.22 Gb Free Space | 60.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESIGN
Current User Name: Tammy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/11 14:50:25 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/01/04 14:17:28 | 02,070,480 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\Update.exe
PRC - [2010/01/03 17:15:00 | 02,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/12/15 14:41:06 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/12/15 14:41:05 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/12/15 14:41:05 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/15 14:41:05 | 00,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/15 14:41:00 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/19 11:26:54 | 00,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/11/18 12:47:14 | 01,243,088 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/11/06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/10/30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/05/21 22:13:36 | 00,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
PRC - [2009/05/21 21:46:36 | 00,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqbam08.exe
PRC - [2009/05/21 21:46:36 | 00,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqste08.exe
PRC - [2009/05/21 18:57:00 | 00,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe
PRC - [2009/04/24 01:57:42 | 01,025,320 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
PRC - [2009/03/09 04:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/12/08 15:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe
PRC - [2008/12/04 16:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/08/04 16:22:18 | 00,164,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008/04/24 12:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 12:25:22 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/02/14 05:44:29 | 00,374,104 | ---- | M] () -- C:\Program Files\iConcepts Music Express\MEAutoDetect.exe
PRC - [2008/02/05 13:29:20 | 00,054,512 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
PRC - [2008/01/28 15:56:41 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2007/09/10 18:35:40 | 00,361,712 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Walgreens\PhotoShow 5\data\Xtras\mssysmgr.exe
PRC - [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/06/21 21:56:14 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/12 19:59:48 | 00,198,184 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe
PRC - [2007/04/11 10:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2007/02/13 00:07:06 | 00,555,008 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2007/02/13 00:07:06 | 00,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2007/02/13 00:07:06 | 00,169,984 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2006/03/20 16:00:04 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/03/01 22:00:18 | 00,018,944 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTXFIHLP.EXE
PRC - [2006/03/01 21:53:36 | 00,717,312 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTXFISPI.EXE
PRC - [2005/12/09 21:29:52 | 00,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2005/11/08 06:30:42 | 00,016,384 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2005/11/04 19:07:56 | 00,049,152 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
PRC - [2005/11/02 20:20:16 | 00,145,408 | ---- | M] (3Dconnexion, INC) -- C:\Program Files\3Dconnexion\3Dconnexion 3DxWare\3DxSrv.exe
PRC - [2005/10/14 12:01:06 | 00,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
PRC - [2005/09/08 05:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/05/03 22:07:32 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PRC - [2004/12/16 16:29:52 | 00,339,968 | ---- | M] () -- C:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\PExpress\HPHPED06.exe
PRC - [2004/12/16 03:10:06 | 00,622,592 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon06.exe
PRC - [2004/11/24 05:17:34 | 00,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe
PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqgalry.exe
PRC - [2004/08/04 06:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2004/08/02 12:29:53 | 00,806,912 | R--- | M] () -- C:\Program Files\UGS\License Servers\UGNXFLEXlm\uglmd.exe
PRC - [2004/08/02 12:29:52 | 00,659,456 | R--- | M] (Macrovision Corporation) -- C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe
PRC - [2004/07/27 16:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/02/13 13:12:08 | 00,016,423 | ---- | M] () -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
PRC - [2003/06/18 02:00:00 | 00,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe
PRC - [2003/05/15 01:19:50 | 00,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe


========== Modules (SafeList) ==========

MOD - [2010/01/11 14:50:25 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
MOD - [2009/10/30 11:18:16 | 00,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 00,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll
MOD - [2007/04/19 13:21:40 | 00,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll
MOD - [2007/04/12 19:59:56 | 00,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprthook.dll
MOD - [2006/08/25 09:45:56 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/11/08 06:30:42 | 00,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL
MOD - [2004/08/04 06:00:00 | 00,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/02/11 15:58:16 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Tammy\Local Settings\Temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RasMandvpapi)
SRV - [2009/12/15 14:41:00 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/11/19 11:26:54 | 00,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/11/06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdcoreservice)
SRV - [2009/10/30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdauxservice)
SRV - [2009/05/21 22:13:36 | 00,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\digital imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/05/21 22:03:06 | 00,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\digital imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/03/24 17:16:21 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/02/25 17:30:44 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99798b4f34fbc) Google Update Service (gupdate1c99798b4f34fbc)
SRV - [2008/12/08 17:01:58 | 00,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/12/04 16:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/03 20:05:42 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/12/03 20:05:32 | 00,044,544 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/08/04 16:22:18 | 00,164,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/04/24 12:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/04/05 09:58:13 | 00,069,632 | ---- | M] (Macrovision ) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service)
SRV - [2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/01/28 15:56:41 | 00,303,104 | ---- | M] (Motive Communications, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)
SRV - [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006/04/18 11:56:16 | 00,176,128 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dell SAS RAID Storage Manager\MegaMonitor\Monitor.exe -- (MegaMonitorSrv)
SRV - [2006/03/21 09:25:30 | 00,143,427 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/11/06 10:48:26 | 00,040,960 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe -- (MSMFramework)
SRV - [2005/05/04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
SRV - [2005/05/03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/02 12:29:52 | 00,659,456 | R--- | M] (Macrovision Corporation) [Auto | Running] -- C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe -- (Unigraphics License Server (uglmd)) Unigraphics License Server (uglmd)
SRV - [2004/06/02 02:29:00 | 00,077,824 | R--- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\WINDOWS\system32\hpbpro.exe -- (HP Port Resolver)
SRV - [2004/06/02 02:28:00 | 00,073,728 | R--- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\WINDOWS\system32\hpboid.exe -- (HP Status Server)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [1999/12/12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070212
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070212
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070212
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{19A0F032-27D7-4227-BBB5-51AA9E5904F5} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...rchSource=3&q="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...id=NET_mmhpset"
FF - prefs.js..extensions.enabledItems: {6ad56361-628f-471b-8f9d-4c338973a87d}:5.27.1.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: [email protected]:3.011.025.005
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.0.19
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.7
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {34ea1c70-42cc-42c5-aa29-ec58b95a343e}:1.5.43.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..keyword.URL: "http://search.yahoo....-8&fr=ytff-&p="


FF - HKLM\software\mozilla\Firefox\extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/09 14:46:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/15 14:41:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVG\AVG9\Toolbar\Firefox\[email protected] [2009/12/15 14:41:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/10 20:03:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/10 20:03:59 | 00,000,000 | ---D | M]

[2009/04/19 12:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Extensions
[2009/04/19 12:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Extensions\[email protected]
[2010/01/21 16:37:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions
[2008/07/30 13:59:35 | 00,000,000 | ---D | M] (myBabylon Toolbar) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}
[2009/04/29 11:55:21 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/01 11:14:48 | 00,000,000 | ---D | M] (AOL Radio Toolbar) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{6ad56361-628f-471b-8f9d-4c338973a87d}
[2008/04/15 19:14:27 | 00,000,000 | ---D | M] (Blue Ice 2) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2009/04/29 11:55:15 | 00,000,000 | ---D | M] (ScribeFire) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{F807FACD-E46A-4793-B345-D58CB177673C}
[2009/08/12 13:22:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\[email protected]
[2009/09/26 20:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\[email protected]
[2009/06/01 11:15:04 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\searchplugins\aol-search.xml
[2009/01/17 11:35:48 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\searchplugins\live-search.xml
[2010/01/21 16:37:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/15 11:52:06 | 00,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2008/07/14 13:29:00 | 00,000,927 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\conduit.xml

O1 HOSTS File: (211 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\digital imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (Freecause Toolbar BHO) - {399C60D2-38B1-4E25-B9E7-6498C1BC2DCD} - C:\Program Files\Dogpile Toolbar\Toolbar.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (&Security Update) - {6551001F-A07B-40B1-8F55-B44BF35A42A6} - C:\WINDOWS\System32\win32extension.dll File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\digital imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Dogpile Toolbar) - {C53FE659-316A-4F56-A194-A5BE491BE866} - C:\Program Files\Dogpile Toolbar\Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Toolbar) - {C53FE659-316A-4F56-A194-A5BE491BE866} - C:\Program Files\Dogpile Toolbar\Toolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [gclwvrsr] C:\WINDOWS\System32\eizxnizs.exe File not found
O4 - HKLM..\Run: [gcNotifier] C:\Documents and Settings\Tammy\Local Settings\Application Data\VTShared\GCNotifier.exe File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
O4 - HKLM..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe (HP)
O4 - HKLM..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHped06] C:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\PExpress\HPHPED06.exe ()
O4 - HKLM..\Run: [HPHUPD06] C:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Popup] C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Desktop Software] C:\Program Files\Common Files\SupportSoft\bin\bcont.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Walgreens PhotoShow Media Manager] C:\Program Files\Walgreens\PhotoShow 5\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Auto Detect.lnk = C:\Program Files\iConcepts Music Express\MEAutoDetect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Disney [2009/01/05 11:52:06 | 00,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Start 3DxWare.lnk = C:\Program Files\3Dconnexion\3Dconnexion 3DxWare\3DxSrv.exe (3Dconnexion, INC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &aol radio toolbar search - C:\Documents and Settings\All Users\Application Data\AOL Radio Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - File not found
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\digital imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1264110667093 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} http://pccheckup.del...ll/gtdownde.cab (Dell PC Checkup Installer Control)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD 2002\AcPreview.ocx (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\) - C:\WINDOWS\System32\ [2010/01/21 16:58:18 | 00,000,000 | ---D | M]
O20 - AppInit_DLLs: (zavubeve.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b2916fa8-0157-11df-8763-001372af5abd}\Shell\AutoRun\command - "" = G:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{b2916fa8-0157-11df-8763-001372af5abd}\Shell\Setup FlipShare\command - "" = G:\Setup_FlipShare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/08/11 18:02:12 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (74312842710351872)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/21 16:51:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/01/21 16:38:14 | 02,516,232 | ---- | C] ( ) -- C:\Documents and Settings\Tammy\Desktop\setup.exe
[2010/01/21 16:21:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Desktop\Items for your DVD 2010-01-21
[2010/01/21 07:34:17 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Tammy\Recent
[2010/01/15 16:06:23 | 00,000,000 | ---D | C] -- C:\Program Files\3ivx
[2010/01/15 16:06:15 | 00,000,000 | ---D | C] -- C:\Program Files\Flip Video
[2010/01/15 16:06:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2010/01/12 17:23:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP
[2010/01/11 15:09:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Desktop\gmer
[2010/01/11 15:00:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/11 14:59:07 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/11 14:50:22 | 00,543,744 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
[2010/01/11 14:49:32 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Tammy\Desktop\erunt_setup.exe
[2010/01/11 14:49:10 | 00,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\TFC.exe
[2010/01/11 12:00:50 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/01/11 10:45:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Application Data\Malwarebytes
[2010/01/11 10:45:25 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/11 10:45:23 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/11 10:45:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/11 10:45:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/11 10:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/08 15:00:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Local Settings\Application Data\Threat Expert
[2010/01/08 14:30:40 | 34,628,432 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Tammy\Desktop\sdsetup.exe
[2010/01/07 17:49:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Desktop\mortech
[2009/12/15 14:39:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/15 14:39:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/15 14:39:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/15 14:39:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/10/13 12:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009/03/30 20:34:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/02/25 17:30:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/01/19 03:01:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2008/03/19 19:58:51 | 00,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2007/11/27 09:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2007/11/27 09:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2007/09/12 21:44:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/02/19 14:20:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Creative
[2007/02/12 23:42:59 | 00,033,792 | R--- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 14 Days ==========

[2010/01/21 17:15:16 | 07,077,888 | ---- | M] () -- C:\Documents and Settings\Tammy\ntuser.dat
[2010/01/21 17:10:14 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/21 16:51:26 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/01/21 16:38:23 | 02,516,232 | ---- | M] ( ) -- C:\Documents and Settings\Tammy\Desktop\setup.exe
[2010/01/21 16:32:39 | 00,614,879 | ---- | M] () -- C:\logfile
[2010/01/21 16:26:57 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/01/21 16:26:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/21 16:25:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2010/01/21 16:25:45 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/21 16:25:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/21 16:25:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/21 16:25:23 | 32,187,59680 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/21 16:24:16 | 00,064,980 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000005-00001102-00000005-10031102}.rfx
[2010/01/21 16:24:16 | 00,054,788 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000005-00001102-00000005-10031102}.rfx
[2010/01/21 16:24:16 | 00,054,788 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000005-00001102-00000005-10031102}.rfx
[2010/01/21 16:24:16 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/01/21 16:24:16 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/01/21 16:23:53 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Tammy\ntuser.ini
[2010/01/21 16:19:07 | 12,759,040 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/01/21 16:19:07 | 06,538,240 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/01/21 07:42:58 | 54,461,828 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/21 07:42:28 | 00,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/01/20 22:35:21 | 00,000,246 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100120-223521.backup
[2010/01/20 22:35:21 | 00,000,211 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/19 18:00:02 | 00,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010/01/16 12:10:12 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/16 12:09:56 | 00,000,754 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/15 17:06:00 | 00,001,015 | R--- | M] () -- C:\logFile.xsl
[2010/01/15 17:05:00 | 00,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2010/01/15 14:50:25 | 00,000,390 | ---- | M] () -- C:\Documents and Settings\Tammy\.start_gmlaunch_settings.def
[2010/01/12 08:52:59 | 00,981,231 | ---- | M] () -- C:\s1.jpg
[2010/01/12 08:51:36 | 00,981,231 | ---- | M] () -- C:\ma706146s.f01.0010.jpg
[2010/01/12 08:51:03 | 00,095,720 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\ma706146s.f01.0010.cgm
[2010/01/11 21:59:37 | 00,001,579 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\Cool Cat Casino.lnk
[2010/01/11 14:50:25 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
[2010/01/11 14:50:03 | 00,284,915 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\gmer.zip
[2010/01/11 14:49:35 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Tammy\Desktop\erunt_setup.exe
[2010/01/11 14:49:10 | 00,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\TFC.exe
[2010/01/11 12:23:13 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/11 12:00:52 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\SpywareBlaster.lnk
[2010/01/11 10:45:28 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/11 10:01:02 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\CCleaner.lnk
[2010/01/11 09:35:12 | 00,076,800 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\view_arrow_see_sht.prt
[2010/01/09 15:58:12 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/09 10:25:59 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/08 14:37:53 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/08 14:35:37 | 34,628,432 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Tammy\Desktop\sdsetup.exe
[2010/01/08 13:48:11 | 00,000,551 | ---- | M] () -- C:\WINDOWS\wininit.ini

========== Files Created - No Company Name ==========

[2010/01/18 09:42:00 | 07,077,888 | ---- | C] () -- C:\Documents and Settings\Tammy\ntuser.dat
[2010/01/15 17:06:00 | 00,001,015 | R--- | C] () -- C:\logFile.xsl
[2010/01/15 17:05:00 | 00,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2010/01/12 08:52:59 | 00,981,231 | ---- | C] () -- C:\s1.jpg
[2010/01/12 08:51:36 | 00,981,231 | ---- | C] () -- C:\ma706146s.f01.0010.jpg
[2010/01/12 08:51:03 | 00,095,720 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\ma706146s.f01.0010.cgm
[2010/01/11 21:59:37 | 00,001,579 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\Cool Cat Casino.lnk
[2010/01/11 14:50:02 | 00,284,915 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\gmer.zip
[2010/01/11 12:23:13 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/11 12:00:52 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\SpywareBlaster.lnk
[2010/01/11 10:45:28 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/11 10:01:02 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\CCleaner.lnk
[2010/01/11 09:35:11 | 00,076,800 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\view_arrow_see_sht.prt
[2010/01/08 14:38:13 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/01/08 14:38:02 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/01/08 14:37:53 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/08 14:37:50 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2009/11/10 11:14:51 | 00,000,002 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\7zip_progress_8CC068E4-D005-4144-B7E4-1BA1BCD8ACAC.txt
[2009/11/10 11:14:48 | 00,000,002 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\7zip_progress_63DC2BA3-B326-47CD-989B-B0E8E8B0559C.txt
[2009/08/14 15:39:23 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2009/05/24 16:48:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\838d93ea.sys
[2009/05/14 10:09:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\f007511a.sys
[2009/05/14 02:01:51 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/02/10 19:36:31 | 00,002,393 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009/02/10 19:36:26 | 00,000,202 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2008/08/21 18:24:15 | 00,054,134 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008/08/01 23:10:37 | 00,000,164 | ---- | C] () -- C:\WINDOWS\RECMGRUN.INI
[2008/08/01 23:10:11 | 00,003,455 | ---- | C] () -- C:\WINDOWS\RECVCALL.INI
[2008/04/05 09:58:22 | 00,000,222 | ---- | C] () -- C:\WINDOWS\System32\SunData.ini
[2008/04/05 09:57:16 | 00,000,064 | ---- | C] () -- C:\WINDOWS\TTL3.ini
[2008/03/19 19:58:51 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2008/02/19 01:33:34 | 00,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/09/25 23:40:40 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/25 17:17:15 | 00,000,121 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/02/28 15:39:13 | 00,000,136 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2007/02/27 13:46:12 | 00,001,782 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/22 16:30:54 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2007/02/16 10:51:59 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/16 09:11:22 | 01,970,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2007/02/14 17:54:58 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/14 17:48:04 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\fusioncache.dat
[2007/02/14 17:20:50 | 00,009,198 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/02/13 00:10:17 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/02/13 00:07:42 | 00,000,551 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/02/12 23:39:38 | 00,038,400 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2007/02/12 23:39:38 | 00,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/02/12 23:39:38 | 00,000,053 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/02/12 23:39:37 | 00,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/02/12 23:38:43 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/02/12 23:38:31 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\symmpi.sys
[2007/02/12 23:37:44 | 00,000,393 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/15 13:57:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/05/27 13:07:32 | 00,880,640 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/05/27 13:07:32 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/08/11 18:24:19 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/09/18 16:50:28 | 00,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

[2008/08/21 18:20:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2007/06/12 10:23:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2010/01/08 12:48:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/01/21 07:46:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/06/25 02:54:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comcast
[2009/01/05 11:06:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DigitalBlue
[2008/08/01 23:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008/07/17 22:21:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
[2010/01/05 08:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/01/15 16:06:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2008/08/22 13:54:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2009/02/14 22:58:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamesBar
[2007/10/08 23:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2008/04/01 17:09:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microgaming
[2009/03/17 15:47:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/08/01 23:20:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2008/08/21 17:19:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2007/09/25 09:10:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simple Star Shared
[2007/08/21 13:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/01/21 16:45:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/03 19:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2007/10/24 21:49:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2007/04/19 11:22:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2007/10/27 12:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/07/07 23:16:48 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Tammy\Application Data\.#
[2007/02/22 16:37:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\3Dconnexion
[2009/05/11 22:19:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\aAvgApi
[2008/08/21 18:20:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\AT&T
[2007/02/23 10:35:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Autodesk
[2009/10/02 17:02:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\CasinoStates
[2009/09/10 11:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1
[2009/01/06 20:12:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Disney Mix It Plug-in
[2008/01/29 23:19:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\FileZilla
[2009/07/23 20:37:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\GoldVegas
[2007/02/23 09:40:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Leadertech
[2010/01/06 22:26:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\LimeWire
[2008/01/31 19:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\School Zone Preferences
[2007/04/05 15:26:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Simple Star
[2007/09/12 21:15:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Snapfish
[2009/07/23 20:37:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Thebes
[2008/03/16 22:51:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\VTExtra
[2009/11/10 12:43:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Walgreens
[2007/12/09 17:35:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\yoclient
[2010/01/07 16:10:01 | 00,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2010/01/19 18:00:02 | 00,000,442 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/05/14 13:05:55 | 00,530,083 | ---- | M] (BellSouth Internet Services ) -- C:\HC4DecommissionScheduler.exe


< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/04 00:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0027\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2006/07/06 06:59:42 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\dell\drivers\R130118\iastor.sys
[2006/10/10 14:03:48 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\drivers\storage\R130118\iastor.sys
[2006/10/10 14:03:48 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\i386\iaStor.sys
[2006/10/10 14:03:48 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2004/08/04 06:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/04 06:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< MD5 for: VIPRT.SYS >
[2006/06/28 05:41:42 | 00,058,368 | ---- | M] (VIA Technologies, Inc.) MD5=48D1E07EE0FEFE1FE5543B4CB419E85C -- C:\WINDOWS\system32\drivers\ViPrt.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/02/20 03:14:47 | 00,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/02/20 03:14:47 | 00,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tammy\My Documents\SHOPLAYOUT:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tammy\My Documents\jokes:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tammy\My Documents\gmems_v07.1:Roxio EMC Stream
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EB7685
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >


OTL Extras logfile created on: 1/21/2010 5:16:06 PM - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Documents and Settings\Tammy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 136.67 Gb Total Space | 83.22 Gb Free Space | 60.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DESIGN
Current User Name: Tammy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"80:TCP" = 80:TCP:*:Enabled:SYS32DLL
"7171:TCP" = 7171:TCP:*:Enabled:SYS32DLL

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\HP\digital imaging\bin\hpqtra08.exe" = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqste08.exe" = C:\Program Files\HP\digital imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hposid01.exe" = C:\Program Files\HP\digital imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\digital imaging\bin\hpoews01.exe" = C:\Program Files\HP\digital imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqusgm.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqusgh.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\popup.exe" = C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\popup.exe:*:Disabled:popup -- ( )
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\UGS\NX 3.0\UGII\ugraf.exe" = C:\Program Files\UGS\NX 3.0\UGII\ugraf.exe:*:Enabled:NX Component -- (UGS Corp.)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\att-nap\McciBrowser.exe" = C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Dogpile Toolbar\TroubleShooter.exe" = C:\Program Files\Dogpile Toolbar\TroubleShooter.exe:*:Enabled:Dogpile Toolbar (Helper) -- File not found
"C:\Program Files\Dogpile Toolbar\ToolbarUpdate.exe" = C:\Program Files\Dogpile Toolbar\ToolbarUpdate.exe:*:Enabled:Dogpile Toolbar (Update) -- File not found
"C:\Program Files\HP\digital imaging\bin\hpqtra08.exe" = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqste08.exe" = C:\Program Files\HP\digital imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hposid01.exe" = C:\Program Files\HP\digital imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\digital imaging\bin\hpoews01.exe" = C:\Program Files\HP\digital imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqusgm.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqusgh.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08F9879C-0AA3-4B0A-AACE-3498BBCAE175}" = Scrapbook Factory Deluxe 3.0
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F841AC7-3572-42E6-9031-B132885AB513}" = 3Dconnexion Getting Started
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15B3667C-3468-4B03-8CC1-0EE41AD589F3}" = PSPrinters06
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}" = Disney Pix Micro Downloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 13
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Advanced Control Suite
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2CF09417-ED87-440C-A134-988D5D5B4D8E}" = 3Dconnexion NX Views
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2E3BEFB7-BFA6-4DB5-BC81-702C9021DE25}" = Disney's Extremely Goofy Skateboarding
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30363C5E-1A3E-43B2-947F-7589DC1DA185}" = JSWPFGrade2
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353073E8-1185-4823-8F3A-A1F4AF6DD2CD}" = Sonic DVDit
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{37C01E1C-5982-44A8-933F-C8AC223EF33D}" = Larson VizEx Reader
"{38C3632A-D9A9-42A9-8620-AE726BFCAD3D}" = DWGgateway
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440701AA-4602-409C-8CC3-5BB9D2F11A91}" = NX 3 FLEXlm
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_05_F4400_Software_Min
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5010C983-0983-411E-98CC-9C4FC2879846}" = Disney/Pixar's Jessie's Wild West Rodeo
"{52D56C42-8C69-4882-A661-39695537C9CF}" = DellConnect
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{549DD7F5-D445-4569-ACAF-822DC75F5EBF}" = Dell SAS RAID Storage Manager v1.16-00
"{574EA9D1-DB4C-4256-9341-E53A3C5C3282}" = PSPExpress
"{5783F2D7-0101-0409-0000-0060B0CE6BBA}" = AutoCAD 2002
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}" = HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BCB7EAA-598C-4836-B7EA-3642E41AA222}" = Microsoft LifeCam
"{75569133-FD58-4F54-B622-9193EC7B6000}" = LITTLEST PET SHOP™
"{766E4715-B801-46B3-9D91-12288AB88428}" = DB CIF Cam
"{795B33DF-67F6-48FB-A730-7B9A6AE35E8D}" = PS8700
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{82A1E81B-4FA3-4124-89A6-1BDCFBB942AC}" = 3Dconnexion Add-In for AutoCAD
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8B8964B0-E18B-4AA3-A152-FE319DCA6A0E}" = JSWorld2GMain
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EAD600D-1912-4DEF-92B5-0C7525E17ED2}" = F4400
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A2F0A59-B202-4D2A-9343-A7E5ACE852B7}" = JSWPFCom
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D180A76-C05F-4064-94B1-069E6EEEA5EF}" = NX 3
"{9F8C8C2C-3926-45D3-B247-3F478A1D0D9F}" = NX 3 Translators
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A520D984-8F50-4D35-BDD1-B47F116B9D64}" = 3Dconnexion 3DxWare
"{A84EB063-10A9-49D5-B64F-EB1192E7EA6F}" = Disney Mix Central
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A943CC79-CC0E-4F74-B613-EAB418F043AD}" = JSWorldKGMain
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-1033-0000-BA7E-000000000001}" = Adobe Acrobat 6.0 Standard
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2EB23D7-8AA5-457F-82B8-4F60321A9CC7}" = JSWPFGradeK
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BA2D9411-DBB4-43e4-9421-780413650A67}" = Photosmart 320,370,7400,8100,8400,8700 Series
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC509FE5-1445-46C9-827C-6120429CB942}" = Windows Live Family Safety
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}" = Disney Pix 2.0
"{DF27BAF0-47DB-42A7-9B17-DFAC05050C91}" = Disney's Aladdin Chess Adventures
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E18BCEBF-805F-4D20-BFE2-103BCBFF3C96}" = Disney Mix-It Plug-in and Windows Media Player Skin
"{E2A93211-5048-46BF-B6A3-05E6C91B2A3B}" = 3Dconnexion 3DxOffice
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{EDF1085A-73FF-4B3B-8726-2A403D400E48}" = DesignPro 5.0 Media Edition
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}" = FlipShare
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FEA0CE81-7FC7-AAAE-FC8C-241A5F8684F0}" = Supercast
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"ABViewer 6.2_is1" = ABViewer 6.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AnswerWorks" = AnswerWorks Runtime
"AVG9Uninstall" = AVG Free 9.0
"BellsouthHelpCenter4.0b_is1" = FastAccess® DSL Help Center 4.3
"Candyz" = Candyz 1.0
"CardRecovery" = CardRecovery
"CCleaner" = CCleaner
"com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1" = Supercast
"Cool Cat Casino" = Cool Cat Casino
"Dogz" = Dogz (remove only)
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"EDS Factory 7.1 Enablers" = EDS Factory 7.1 Enablers
"EDS Factory 8.0 Enablers" = EDS Factory 8.0 Enablers
"ERUNT_is1" = ERUNT 1.1j
"GamesBar" = GamesBar 1.1.0.5
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photo & Imaging" = HP Image Zone 4.7
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InstallShield_{8B8964B0-E18B-4AA3-A152-FE319DCA6A0E}" = JSWorld2GMain
"InstallShield_{A943CC79-CC0E-4F74-B613-EAB418F043AD}" = JSWorldKGMain
"InstallShield_{EDF1085A-73FF-4B3B-8726-2A403D400E48}" = DesignPro 5.0 Media Edition
"JS World 2nd Grade" = JS World 2nd Grade
"JS World Kindergarten" = JS World Kindergarten
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"NVIDIA Drivers" = NVIDIA Drivers
"oggcodecs" = oggcodecs 0.71.0946
"Photags Music Express" = iConcepts Music Express
"PhoTagsExpress" = PhoTags Express
"Playsushi" = Playsushi
"SearchAssist" = SearchAssist
"Shop for HP Supplies" = Shop for HP Supplies
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"spyware doctor" = Spyware Doctor 7.0
"SpywareBlaster_is1" = SpywareBlaster 4.2
"The Game of Life - SpongeBob SquarePants Edition" = The Game of Life - SpongeBob SquarePants Edition
"Volo View Express" = Volo View Express
"Walgreens PhotoShow 5" = Walgreens PhotoShow 5
"Walgreens PhotoShow Express" = Walgreens PhotoShow Express
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ESPN Java Check" = ESPN Java Check
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/21/2010 9:06:48 AM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application hpwucli.exe, version 5.0.8.1, faulting module
hpwucli.exe, version 5.0.8.1, fault address 0x000099b1.

Error - 1/21/2010 9:17:00 AM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.

Error - 1/21/2010 9:18:09 AM | Computer Name = DESIGN | Source = Application Error | ID = 1001
Description = Fault bucket 938228494.

Error - 1/21/2010 9:20:20 AM | Computer Name = DESIGN | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.

Error - 1/21/2010 9:21:19 AM | Computer Name = DESIGN | Source = Application Error | ID = 1001
Description = Fault bucket 938228494.

Error - 1/21/2010 9:21:27 AM | Computer Name = DESIGN | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.

Error - 1/21/2010 5:18:39 PM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application auto_updater_shim.exe, version 3.0.0.61, faulting
module auto_updater_shim.exe, version 3.0.0.61, fault address 0x00016b96.

Error - 1/21/2010 5:22:33 PM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0285f7a0.

Error - 1/21/2010 5:26:07 PM | Computer Name = DESIGN | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.

Error - 1/21/2010 6:09:04 PM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00c0f7a0.

[ System Events ]
Error - 1/21/2010 5:53:39 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 1/21/2010 5:57:58 PM | Computer Name = DESIGN | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 1/21/2010 5:57:59 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 1/21/2010 5:58:01 PM | Computer Name = DESIGN | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 1/21/2010 5:58:01 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 1/21/2010 5:58:03 PM | Computer Name = DESIGN | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 1/21/2010 5:58:03 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2

Error - 1/21/2010 5:58:16 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.

Error - 1/21/2010 6:09:06 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7031
Description = The DCOM Server Process Launcher service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Reboot the machine.

Error - 1/21/2010 6:09:06 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7034
Description = The Terminal Services service terminated unexpectedly. It has done
this 1 time(s).


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP