Malwarebytes' Anti-Malware 1.44
Database version: 3539
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
1/21/2010 8:14:23 AM
mbam-log-2010-01-21 (08-14-23).txt
Scan type: Quick Scan
Objects scanned: 124718
Time elapsed: 5 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 1/21/2010 5:16:05 PM - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Documents and Settings\Tammy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 136.67 Gb Total Space | 83.22 Gb Free Space | 60.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DESIGN
Current User Name: Tammy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/01/11 14:50:25 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/01/04 14:17:28 | 02,070,480 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\Update.exe
PRC - [2010/01/03 17:15:00 | 02,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/12/15 14:41:06 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/12/15 14:41:05 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/12/15 14:41:05 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/15 14:41:05 | 00,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/15 14:41:00 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/19 11:26:54 | 00,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/11/18 12:47:14 | 01,243,088 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/11/06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/10/30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/05/21 22:13:36 | 00,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
PRC - [2009/05/21 21:46:36 | 00,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqbam08.exe
PRC - [2009/05/21 21:46:36 | 00,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqste08.exe
PRC - [2009/05/21 18:57:00 | 00,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe
PRC - [2009/04/24 01:57:42 | 01,025,320 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
PRC - [2009/03/09 04:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/12/08 15:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe
PRC - [2008/12/04 16:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/08/04 16:22:18 | 00,164,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008/04/24 12:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 12:25:22 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/02/14 05:44:29 | 00,374,104 | ---- | M] () -- C:\Program Files\iConcepts Music Express\MEAutoDetect.exe
PRC - [2008/02/05 13:29:20 | 00,054,512 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
PRC - [2008/01/28 15:56:41 | 00,303,104 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
PRC - [2007/09/10 18:35:40 | 00,361,712 | ---- | M] (Simple Star, Inc.) -- C:\Program Files\Walgreens\PhotoShow 5\data\Xtras\mssysmgr.exe
PRC - [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/06/21 21:56:14 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/12 19:59:48 | 00,198,184 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe
PRC - [2007/04/11 10:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2007/02/13 00:07:06 | 00,555,008 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2007/02/13 00:07:06 | 00,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2007/02/13 00:07:06 | 00,169,984 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2006/03/20 16:00:04 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/03/01 22:00:18 | 00,018,944 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTXFIHLP.EXE
PRC - [2006/03/01 21:53:36 | 00,717,312 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTXFISPI.EXE
PRC - [2005/12/09 21:29:52 | 00,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2005/11/08 06:30:42 | 00,016,384 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2005/11/04 19:07:56 | 00,049,152 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
PRC - [2005/11/02 20:20:16 | 00,145,408 | ---- | M] (3Dconnexion, INC) -- C:\Program Files\3Dconnexion\3Dconnexion 3DxWare\3DxSrv.exe
PRC - [2005/10/14 12:01:06 | 00,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
PRC - [2005/09/08 05:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/05/03 22:07:32 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PRC - [2004/12/16 16:29:52 | 00,339,968 | ---- | M] () -- C:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\PExpress\HPHPED06.exe
PRC - [2004/12/16 03:10:06 | 00,622,592 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon06.exe
PRC - [2004/11/24 05:17:34 | 00,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe
PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqgalry.exe
PRC - [2004/08/04 06:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2004/08/02 12:29:53 | 00,806,912 | R--- | M] () -- C:\Program Files\UGS\License Servers\UGNXFLEXlm\uglmd.exe
PRC - [2004/08/02 12:29:52 | 00,659,456 | R--- | M] (Macrovision Corporation) -- C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe
PRC - [2004/07/27 16:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/02/13 13:12:08 | 00,016,423 | ---- | M] () -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
PRC - [2003/06/18 02:00:00 | 00,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe
PRC - [2003/05/15 01:19:50 | 00,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
========== Modules (SafeList) ==========
MOD - [2010/01/11 14:50:25 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
MOD - [2009/10/30 11:18:16 | 00,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009/09/09 22:54:58 | 00,155,184 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\smum32.dll
MOD - [2007/04/19 13:21:40 | 00,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll
MOD - [2007/04/12 19:59:56 | 00,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprthook.dll
MOD - [2006/08/25 09:45:56 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/11/08 06:30:42 | 00,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL
MOD - [2004/08/04 06:00:00 | 00,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/02/11 15:58:16 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Tammy\Local Settings\Temp\IadHide5.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (RasMandvpapi)
SRV - [2009/12/15 14:41:00 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/11/19 11:26:54 | 00,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/11/06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdcoreservice)
SRV - [2009/10/30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdauxservice)
SRV - [2009/05/21 22:13:36 | 00,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\digital imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/05/21 22:03:06 | 00,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\digital imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/03/24 17:16:21 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/09 04:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/02/25 17:30:44 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c99798b4f34fbc) Google Update Service (gupdate1c99798b4f34fbc)
SRV - [2008/12/08 17:01:58 | 00,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/12/04 16:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/03 20:05:42 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/12/03 20:05:32 | 00,044,544 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/08/04 16:22:18 | 00,164,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/04/24 12:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/04/05 09:58:13 | 00,069,632 | ---- | M] (Macrovision ) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service)
SRV - [2008/02/18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/01/28 15:56:41 | 00,303,104 | ---- | M] (Motive Communications, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService)
SRV - [2007/07/24 14:17:08 | 00,229,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006/04/18 11:56:16 | 00,176,128 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dell SAS RAID Storage Manager\MegaMonitor\Monitor.exe -- (MegaMonitorSrv)
SRV - [2006/03/21 09:25:30 | 00,143,427 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/11/06 10:48:26 | 00,040,960 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe -- (MSMFramework)
SRV - [2005/05/04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
SRV - [2005/05/03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/02 12:29:52 | 00,659,456 | R--- | M] (Macrovision Corporation) [Auto | Running] -- C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe -- (Unigraphics License Server (uglmd)) Unigraphics License Server (uglmd)
SRV - [2004/06/02 02:29:00 | 00,077,824 | R--- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\WINDOWS\system32\hpbpro.exe -- (HP Port Resolver)
SRV - [2004/06/02 02:28:00 | 00,073,728 | R--- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\WINDOWS\system32\hpboid.exe -- (HP Status Server)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [1999/12/12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070212
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070212
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070212
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{19A0F032-27D7-4227-BBB5-51AA9E5904F5} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...rchSource=3&q="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.comcast.n...id=NET_mmhpset"
FF - prefs.js..extensions.enabledItems: {6ad56361-628f-471b-8f9d-4c338973a87d}:5.27.1.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.0.19
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.7
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {34ea1c70-42cc-42c5-aa29-ec58b95a343e}:1.5.43.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..keyword.URL: "http://search.yahoo....-8&fr=ytff-&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/09 14:46:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/15 14:41:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/12/15 14:41:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/10 20:03:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/10 20:03:59 | 00,000,000 | ---D | M]
[2009/04/19 12:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Extensions
[2009/04/19 12:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Extensions\[email protected]
[2010/01/21 16:37:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions
[2008/07/30 13:59:35 | 00,000,000 | ---D | M] (myBabylon Toolbar) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}
[2009/04/29 11:55:21 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/01 11:14:48 | 00,000,000 | ---D | M] (AOL Radio Toolbar) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{6ad56361-628f-471b-8f9d-4c338973a87d}
[2008/04/15 19:14:27 | 00,000,000 | ---D | M] (Blue Ice 2) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2009/04/29 11:55:15 | 00,000,000 | ---D | M] (ScribeFire) -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\{F807FACD-E46A-4793-B345-D58CB177673C}
[2009/08/12 13:22:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\[email protected]
[2009/09/26 20:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\extensions\[email protected]
[2009/06/01 11:15:04 | 00,001,741 | ---- | M] () -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\searchplugins\aol-search.xml
[2009/01/17 11:35:48 | 00,001,632 | ---- | M] () -- C:\Documents and Settings\Tammy\Application Data\Mozilla\Firefox\Profiles\p9j4qxxm.default\searchplugins\live-search.xml
[2010/01/21 16:37:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/15 11:52:06 | 00,376,832 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll
[2008/07/14 13:29:00 | 00,000,927 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\conduit.xml
O1 HOSTS File: (211 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\digital imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll ()
O2 - BHO: (Freecause Toolbar BHO) - {399C60D2-38B1-4E25-B9E7-6498C1BC2DCD} - C:\Program Files\Dogpile Toolbar\Toolbar.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (&Security Update) - {6551001F-A07B-40B1-8F55-B44BF35A42A6} - C:\WINDOWS\System32\win32extension.dll File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\digital imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Dogpile Toolbar) - {C53FE659-316A-4F56-A194-A5BE491BE866} - C:\Program Files\Dogpile Toolbar\Toolbar.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Dogpile Toolbar) - {C53FE659-316A-4F56-A194-A5BE491BE866} - C:\Program Files\Dogpile Toolbar\Toolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [gclwvrsr] C:\WINDOWS\System32\eizxnizs.exe File not found
O4 - HKLM..\Run: [gcNotifier] C:\Documents and Settings\Tammy\Local Settings\Application Data\VTShared\GCNotifier.exe File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
O4 - HKLM..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe (HP)
O4 - HKLM..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHped06] C:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\PExpress\HPHPED06.exe ()
O4 - HKLM..\Run: [HPHUPD06] C:\Program Files\HP\{BA2D9411-DBB4-43e4-9421-780413650A67}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Popup] C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Desktop Software] C:\Program Files\Common Files\SupportSoft\bin\bcont.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Walgreens PhotoShow Media Manager] C:\Program Files\Walgreens\PhotoShow 5\data\Xtras\mssysmgr.exe (Simple Star, Inc.)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Auto Detect.lnk = C:\Program Files\iConcepts Music Express\MEAutoDetect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Disney [2009/01/05 11:52:06 | 00,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Start 3DxWare.lnk = C:\Program Files\3Dconnexion\3Dconnexion 3DxWare\3DxSrv.exe (3Dconnexion, INC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &aol radio toolbar search - C:\Documents and Settings\All Users\Application Data\AOL Radio Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - File not found
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunApp.exe File not found
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\digital imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1264110667093 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} http://pccheckup.del...ll/gtdownde.cab (Dell PC Checkup Installer Control)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD 2002\AcPreview.ocx (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\) - C:\WINDOWS\System32\ [2010/01/21 16:58:18 | 00,000,000 | ---D | M]
O20 - AppInit_DLLs: (zavubeve.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b2916fa8-0157-11df-8763-001372af5abd}\Shell\AutoRun\command - "" = G:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{b2916fa8-0157-11df-8763-001372af5abd}\Shell\Setup FlipShare\command - "" = G:\Setup_FlipShare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/08/11 18:02:12 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (74312842710351872)
========== Files/Folders - Created Within 14 Days ==========
[2010/01/21 16:51:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/01/21 16:38:14 | 02,516,232 | ---- | C] ( ) -- C:\Documents and Settings\Tammy\Desktop\setup.exe
[2010/01/21 16:21:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Desktop\Items for your DVD 2010-01-21
[2010/01/21 07:34:17 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Tammy\Recent
[2010/01/15 16:06:23 | 00,000,000 | ---D | C] -- C:\Program Files\3ivx
[2010/01/15 16:06:15 | 00,000,000 | ---D | C] -- C:\Program Files\Flip Video
[2010/01/15 16:06:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2010/01/12 17:23:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP
[2010/01/11 15:09:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Desktop\gmer
[2010/01/11 15:00:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/11 14:59:07 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/11 14:50:22 | 00,543,744 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
[2010/01/11 14:49:32 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Tammy\Desktop\erunt_setup.exe
[2010/01/11 14:49:10 | 00,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\TFC.exe
[2010/01/11 12:00:50 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/01/11 10:45:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Application Data\Malwarebytes
[2010/01/11 10:45:25 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/11 10:45:23 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/11 10:45:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/11 10:45:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/11 10:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/08 15:00:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Local Settings\Application Data\Threat Expert
[2010/01/08 14:30:40 | 34,628,432 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Tammy\Desktop\sdsetup.exe
[2010/01/07 17:49:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tammy\Desktop\mortech
[2009/12/15 14:39:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/15 14:39:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/15 14:39:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/15 14:39:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/10/13 12:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009/03/30 20:34:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/02/25 17:30:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/01/19 03:01:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2008/03/19 19:58:51 | 00,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2007/11/27 09:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
[2007/11/27 09:26:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Mozilla
[2007/09/12 21:44:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/02/19 14:20:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Creative
[2007/02/12 23:42:59 | 00,033,792 | R--- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
========== Files - Modified Within 14 Days ==========
[2010/01/21 17:15:16 | 07,077,888 | ---- | M] () -- C:\Documents and Settings\Tammy\ntuser.dat
[2010/01/21 17:10:14 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/21 16:51:26 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/01/21 16:38:23 | 02,516,232 | ---- | M] ( ) -- C:\Documents and Settings\Tammy\Desktop\setup.exe
[2010/01/21 16:32:39 | 00,614,879 | ---- | M] () -- C:\logfile
[2010/01/21 16:26:57 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/01/21 16:26:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/21 16:25:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2010/01/21 16:25:45 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/21 16:25:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/21 16:25:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/21 16:25:23 | 32,187,59680 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/21 16:24:16 | 00,064,980 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000005-00001102-00000005-10031102}.rfx
[2010/01/21 16:24:16 | 00,054,788 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000005-00001102-00000005-10031102}.rfx
[2010/01/21 16:24:16 | 00,054,788 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000005-00001102-00000005-10031102}.rfx
[2010/01/21 16:24:16 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/01/21 16:24:16 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/01/21 16:23:53 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Tammy\ntuser.ini
[2010/01/21 16:19:07 | 12,759,040 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/01/21 16:19:07 | 06,538,240 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/01/21 07:42:58 | 54,461,828 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/21 07:42:28 | 00,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/01/20 22:35:21 | 00,000,246 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100120-223521.backup
[2010/01/20 22:35:21 | 00,000,211 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/19 18:00:02 | 00,000,442 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010/01/16 12:10:12 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/16 12:09:56 | 00,000,754 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/15 17:06:00 | 00,001,015 | R--- | M] () -- C:\logFile.xsl
[2010/01/15 17:05:00 | 00,000,819 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2010/01/15 14:50:25 | 00,000,390 | ---- | M] () -- C:\Documents and Settings\Tammy\.start_gmlaunch_settings.def
[2010/01/12 08:52:59 | 00,981,231 | ---- | M] () -- C:\s1.jpg
[2010/01/12 08:51:36 | 00,981,231 | ---- | M] () -- C:\ma706146s.f01.0010.jpg
[2010/01/12 08:51:03 | 00,095,720 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\ma706146s.f01.0010.cgm
[2010/01/11 21:59:37 | 00,001,579 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\Cool Cat Casino.lnk
[2010/01/11 14:50:25 | 00,543,744 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\OTL.exe
[2010/01/11 14:50:03 | 00,284,915 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\gmer.zip
[2010/01/11 14:49:35 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Tammy\Desktop\erunt_setup.exe
[2010/01/11 14:49:10 | 00,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tammy\Desktop\TFC.exe
[2010/01/11 12:23:13 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/11 12:00:52 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\SpywareBlaster.lnk
[2010/01/11 10:45:28 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/11 10:01:02 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\CCleaner.lnk
[2010/01/11 09:35:12 | 00,076,800 | ---- | M] () -- C:\Documents and Settings\Tammy\Desktop\view_arrow_see_sht.prt
[2010/01/09 15:58:12 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/09 10:25:59 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/08 14:37:53 | 00,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/08 14:35:37 | 34,628,432 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Tammy\Desktop\sdsetup.exe
[2010/01/08 13:48:11 | 00,000,551 | ---- | M] () -- C:\WINDOWS\wininit.ini
========== Files Created - No Company Name ==========
[2010/01/18 09:42:00 | 07,077,888 | ---- | C] () -- C:\Documents and Settings\Tammy\ntuser.dat
[2010/01/15 17:06:00 | 00,001,015 | R--- | C] () -- C:\logFile.xsl
[2010/01/15 17:05:00 | 00,000,819 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FlipShare.lnk
[2010/01/12 08:52:59 | 00,981,231 | ---- | C] () -- C:\s1.jpg
[2010/01/12 08:51:36 | 00,981,231 | ---- | C] () -- C:\ma706146s.f01.0010.jpg
[2010/01/12 08:51:03 | 00,095,720 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\ma706146s.f01.0010.cgm
[2010/01/11 21:59:37 | 00,001,579 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\Cool Cat Casino.lnk
[2010/01/11 14:50:02 | 00,284,915 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\gmer.zip
[2010/01/11 12:23:13 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/11 12:00:52 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\SpywareBlaster.lnk
[2010/01/11 10:45:28 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/11 10:01:02 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\CCleaner.lnk
[2010/01/11 09:35:11 | 00,076,800 | ---- | C] () -- C:\Documents and Settings\Tammy\Desktop\view_arrow_see_sht.prt
[2010/01/08 14:38:13 | 00,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/01/08 14:38:02 | 00,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/01/08 14:37:53 | 00,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010/01/08 14:37:50 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2009/11/10 11:14:51 | 00,000,002 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\7zip_progress_8CC068E4-D005-4144-B7E4-1BA1BCD8ACAC.txt
[2009/11/10 11:14:48 | 00,000,002 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\7zip_progress_63DC2BA3-B326-47CD-989B-B0E8E8B0559C.txt
[2009/08/14 15:39:23 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2009/05/24 16:48:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\838d93ea.sys
[2009/05/14 10:09:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\f007511a.sys
[2009/05/14 02:01:51 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/02/10 19:36:31 | 00,002,393 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009/02/10 19:36:26 | 00,000,202 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2008/08/21 18:24:15 | 00,054,134 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008/08/01 23:10:37 | 00,000,164 | ---- | C] () -- C:\WINDOWS\RECMGRUN.INI
[2008/08/01 23:10:11 | 00,003,455 | ---- | C] () -- C:\WINDOWS\RECVCALL.INI
[2008/04/05 09:58:22 | 00,000,222 | ---- | C] () -- C:\WINDOWS\System32\SunData.ini
[2008/04/05 09:57:16 | 00,000,064 | ---- | C] () -- C:\WINDOWS\TTL3.ini
[2008/03/19 19:58:51 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2008/02/19 01:33:34 | 00,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/09/25 23:40:40 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/25 17:17:15 | 00,000,121 | ---- | C] () -- C:\WINDOWS\ka.ini
[2007/02/28 15:39:13 | 00,000,136 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2007/02/27 13:46:12 | 00,001,782 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/22 16:30:54 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2007/02/16 10:51:59 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/16 09:11:22 | 01,970,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2007/02/14 17:54:58 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/14 17:48:04 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\fusioncache.dat
[2007/02/14 17:20:50 | 00,009,198 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/02/13 00:10:17 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/02/13 00:07:42 | 00,000,551 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/02/12 23:39:38 | 00,038,400 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2007/02/12 23:39:38 | 00,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/02/12 23:39:38 | 00,000,053 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/02/12 23:39:37 | 00,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/02/12 23:38:43 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/02/12 23:38:31 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\symmpi.sys
[2007/02/12 23:37:44 | 00,000,393 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/15 13:57:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/05/27 13:07:32 | 00,880,640 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/05/27 13:07:32 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/08/11 18:24:19 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:11:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/09/18 16:50:28 | 00,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
========== LOP Check ==========
[2008/08/21 18:20:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2007/06/12 10:23:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery
[2010/01/08 12:48:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/01/21 07:46:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/06/25 02:54:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Comcast
[2009/01/05 11:06:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DigitalBlue
[2008/08/01 23:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008/07/17 22:21:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
[2010/01/05 08:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/01/15 16:06:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2008/08/22 13:54:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freedom
[2009/02/14 22:58:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GamesBar
[2007/10/08 23:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2008/04/01 17:09:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microgaming
[2009/03/17 15:47:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/08/01 23:20:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2008/08/21 17:19:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2007/09/25 09:10:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simple Star Shared
[2007/08/21 13:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/01/21 16:45:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/03 19:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2007/10/24 21:49:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2007/04/19 11:22:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2007/10/27 12:15:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/07/07 23:16:48 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\Tammy\Application Data\.#
[2007/02/22 16:37:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\3Dconnexion
[2009/05/11 22:19:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\aAvgApi
[2008/08/21 18:20:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\AT&T
[2007/02/23 10:35:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Autodesk
[2009/10/02 17:02:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\CasinoStates
[2009/09/10 11:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1
[2009/01/06 20:12:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Disney Mix It Plug-in
[2008/01/29 23:19:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\FileZilla
[2009/07/23 20:37:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\GoldVegas
[2007/02/23 09:40:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Leadertech
[2010/01/06 22:26:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\LimeWire
[2008/01/31 19:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\School Zone Preferences
[2007/04/05 15:26:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Simple Star
[2007/09/12 21:15:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Snapfish
[2009/07/23 20:37:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Thebes
[2008/03/16 22:51:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\VTExtra
[2009/11/10 12:43:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Walgreens
[2007/12/09 17:35:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\yoclient
[2010/01/07 16:10:01 | 00,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2010/01/19 18:00:02 | 00,000,442 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2009/05/14 13:05:55 | 00,530,083 | ---- | M] (BellSouth Internet Services ) -- C:\HC4DecommissionScheduler.exe
< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/04 00:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 06:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0027\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/04 06:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: IASTOR.SYS >
[2006/07/06 06:59:42 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\dell\drivers\R130118\iastor.sys
[2006/10/10 14:03:48 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\drivers\storage\R130118\iastor.sys
[2006/10/10 14:03:48 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\i386\iaStor.sys
[2006/10/10 14:03:48 | 00,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\WINDOWS\system32\drivers\iaStor.sys
< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2004/08/04 06:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/04 06:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/04 06:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
< MD5 for: VIPRT.SYS >
[2006/06/28 05:41:42 | 00,058,368 | ---- | M] (VIA Technologies, Inc.) MD5=48D1E07EE0FEFE1FE5543B4CB419E85C -- C:\WINDOWS\system32\drivers\ViPrt.sys
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/02/20 03:14:47 | 00,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/02/20 03:14:47 | 00,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
< %systemroot%\Tasks\*.job /lockedfiles >
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tammy\My Documents\SHOPLAYOUT:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tammy\My Documents\jokes:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Tammy\My Documents\gmems_v07.1:Roxio EMC Stream
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:93EB7685
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
OTL Extras logfile created on: 1/21/2010 5:16:06 PM - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Documents and Settings\Tammy\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 68.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 136.67 Gb Total Space | 83.22 Gb Free Space | 60.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DESIGN
Current User Name: Tammy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"80:TCP" = 80:TCP:*:Enabled:SYS32DLL
"7171:TCP" = 7171:TCP:*:Enabled:SYS32DLL
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\HP\digital imaging\bin\hpqtra08.exe" = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqste08.exe" = C:\Program Files\HP\digital imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hposid01.exe" = C:\Program Files\HP\digital imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\digital imaging\bin\hpoews01.exe" = C:\Program Files\HP\digital imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqusgm.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqusgh.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\popup.exe" = C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\popup.exe:*:Disabled:popup -- ( )
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\UGS\NX 3.0\UGII\ugraf.exe" = C:\Program Files\UGS\NX 3.0\UGII\ugraf.exe:*:Enabled:NX Component -- (UGS Corp.)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\att-nap\McciBrowser.exe" = C:\Program Files\att-nap\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Dogpile Toolbar\TroubleShooter.exe" = C:\Program Files\Dogpile Toolbar\TroubleShooter.exe:*:Enabled:Dogpile Toolbar (Helper) -- File not found
"C:\Program Files\Dogpile Toolbar\ToolbarUpdate.exe" = C:\Program Files\Dogpile Toolbar\ToolbarUpdate.exe:*:Enabled:Dogpile Toolbar (Update) -- File not found
"C:\Program Files\HP\digital imaging\bin\hpqtra08.exe" = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqste08.exe" = C:\Program Files\HP\digital imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hposid01.exe" = C:\Program Files\HP\digital imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\digital imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\digital imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\digital imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\digital imaging\bin\hpoews01.exe" = C:\Program Files\HP\digital imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\digital imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\digital imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\digital imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\bin\hpqusgm.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\digital imaging\bin\hpqusgh.exe" = C:\Program Files\HP\digital imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\digital imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08F9879C-0AA3-4B0A-AACE-3498BBCAE175}" = Scrapbook Factory Deluxe 3.0
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F841AC7-3572-42E6-9031-B132885AB513}" = 3Dconnexion Getting Started
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15B3667C-3468-4B03-8CC1-0EE41AD589F3}" = PSPrinters06
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}" = Disney Pix Micro Downloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 13
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Advanced Control Suite
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2CF09417-ED87-440C-A134-988D5D5B4D8E}" = 3Dconnexion NX Views
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2E3BEFB7-BFA6-4DB5-BC81-702C9021DE25}" = Disney's Extremely Goofy Skateboarding
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30363C5E-1A3E-43B2-947F-7589DC1DA185}" = JSWPFGrade2
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353073E8-1185-4823-8F3A-A1F4AF6DD2CD}" = Sonic DVDit
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{37C01E1C-5982-44A8-933F-C8AC223EF33D}" = Larson VizEx Reader
"{38C3632A-D9A9-42A9-8620-AE726BFCAD3D}" = DWGgateway
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440701AA-4602-409C-8CC3-5BB9D2F11A91}" = NX 3 FLEXlm
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_05_F4400_Software_Min
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5010C983-0983-411E-98CC-9C4FC2879846}" = Disney/Pixar's Jessie's Wild West Rodeo
"{52D56C42-8C69-4882-A661-39695537C9CF}" = DellConnect
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{549DD7F5-D445-4569-ACAF-822DC75F5EBF}" = Dell SAS RAID Storage Manager v1.16-00
"{574EA9D1-DB4C-4256-9341-E53A3C5C3282}" = PSPExpress
"{5783F2D7-0101-0409-0000-0060B0CE6BBA}" = AutoCAD 2002
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}" = HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BCB7EAA-598C-4836-B7EA-3642E41AA222}" = Microsoft LifeCam
"{75569133-FD58-4F54-B622-9193EC7B6000}" = LITTLEST PET SHOP™
"{766E4715-B801-46B3-9D91-12288AB88428}" = DB CIF Cam
"{795B33DF-67F6-48FB-A730-7B9A6AE35E8D}" = PS8700
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{82A1E81B-4FA3-4124-89A6-1BDCFBB942AC}" = 3Dconnexion Add-In for AutoCAD
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = DB CIF Cam
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8B8964B0-E18B-4AA3-A152-FE319DCA6A0E}" = JSWorld2GMain
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EAD600D-1912-4DEF-92B5-0C7525E17ED2}" = F4400
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A2F0A59-B202-4D2A-9343-A7E5ACE852B7}" = JSWPFCom
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D180A76-C05F-4064-94B1-069E6EEEA5EF}" = NX 3
"{9F8C8C2C-3926-45D3-B247-3F478A1D0D9F}" = NX 3 Translators
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A520D984-8F50-4D35-BDD1-B47F116B9D64}" = 3Dconnexion 3DxWare
"{A84EB063-10A9-49D5-B64F-EB1192E7EA6F}" = Disney Mix Central
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A943CC79-CC0E-4F74-B613-EAB418F043AD}" = JSWorldKGMain
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-1033-0000-BA7E-000000000001}" = Adobe Acrobat 6.0 Standard
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2EB23D7-8AA5-457F-82B8-4F60321A9CC7}" = JSWPFGradeK
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BA2D9411-DBB4-43e4-9421-780413650A67}" = Photosmart 320,370,7400,8100,8400,8700 Series
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC509FE5-1445-46C9-827C-6120429CB942}" = Windows Live Family Safety
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}" = Disney Pix 2.0
"{DF27BAF0-47DB-42A7-9B17-DFAC05050C91}" = Disney's Aladdin Chess Adventures
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E18BCEBF-805F-4D20-BFE2-103BCBFF3C96}" = Disney Mix-It Plug-in and Windows Media Player Skin
"{E2A93211-5048-46BF-B6A3-05E6C91B2A3B}" = 3Dconnexion 3DxOffice
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{EDF1085A-73FF-4B3B-8726-2A403D400E48}" = DesignPro 5.0 Media Edition
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}" = FlipShare
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FEA0CE81-7FC7-AAAE-FC8C-241A5F8684F0}" = Supercast
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"ABViewer 6.2_is1" = ABViewer 6.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AnswerWorks" = AnswerWorks Runtime
"AVG9Uninstall" = AVG Free 9.0
"BellsouthHelpCenter4.0b_is1" = FastAccess® DSL Help Center 4.3
"Candyz" = Candyz 1.0
"CardRecovery" = CardRecovery
"CCleaner" = CCleaner
"com.directv.supercast.AA1ECC8BBAFE4E1BBF2D418DC006AF207FACE6CA.1" = Supercast
"Cool Cat Casino" = Cool Cat Casino
"Dogz" = Dogz (remove only)
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"EDS Factory 7.1 Enablers" = EDS Factory 7.1 Enablers
"EDS Factory 8.0 Enablers" = EDS Factory 8.0 Enablers
"ERUNT_is1" = ERUNT 1.1j
"GamesBar" = GamesBar 1.1.0.5
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photo & Imaging" = HP Image Zone 4.7
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InstallShield_{8B8964B0-E18B-4AA3-A152-FE319DCA6A0E}" = JSWorld2GMain
"InstallShield_{A943CC79-CC0E-4F74-B613-EAB418F043AD}" = JSWorldKGMain
"InstallShield_{EDF1085A-73FF-4B3B-8726-2A403D400E48}" = DesignPro 5.0 Media Edition
"JS World 2nd Grade" = JS World 2nd Grade
"JS World Kindergarten" = JS World Kindergarten
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"NVIDIA Drivers" = NVIDIA Drivers
"oggcodecs" = oggcodecs 0.71.0946
"Photags Music Express" = iConcepts Music Express
"PhoTagsExpress" = PhoTags Express
"Playsushi" = Playsushi
"SearchAssist" = SearchAssist
"Shop for HP Supplies" = Shop for HP Supplies
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"spyware doctor" = Spyware Doctor 7.0
"SpywareBlaster_is1" = SpywareBlaster 4.2
"The Game of Life - SpongeBob SquarePants Edition" = The Game of Life - SpongeBob SquarePants Edition
"Volo View Express" = Volo View Express
"Walgreens PhotoShow 5" = Walgreens PhotoShow 5
"Walgreens PhotoShow Express" = Walgreens PhotoShow Express
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ESPN Java Check" = ESPN Java Check
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/21/2010 9:06:48 AM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application hpwucli.exe, version 5.0.8.1, faulting module
hpwucli.exe, version 5.0.8.1, fault address 0x000099b1.
Error - 1/21/2010 9:17:00 AM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.
Error - 1/21/2010 9:18:09 AM | Computer Name = DESIGN | Source = Application Error | ID = 1001
Description = Fault bucket 938228494.
Error - 1/21/2010 9:20:20 AM | Computer Name = DESIGN | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.
Error - 1/21/2010 9:21:19 AM | Computer Name = DESIGN | Source = Application Error | ID = 1001
Description = Fault bucket 938228494.
Error - 1/21/2010 9:21:27 AM | Computer Name = DESIGN | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.
Error - 1/21/2010 5:18:39 PM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application auto_updater_shim.exe, version 3.0.0.61, faulting
module auto_updater_shim.exe, version 3.0.0.61, fault address 0x00016b96.
Error - 1/21/2010 5:22:33 PM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0285f7a0.
Error - 1/21/2010 5:26:07 PM | Computer Name = DESIGN | Source = Application Error | ID = 1004
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x0288f7a0.
Error - 1/21/2010 6:09:04 PM | Computer Name = DESIGN | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00c0f7a0.
[ System Events ]
Error - 1/21/2010 5:53:39 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 1/21/2010 5:57:58 PM | Computer Name = DESIGN | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 1/21/2010 5:57:59 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 1/21/2010 5:58:01 PM | Computer Name = DESIGN | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 1/21/2010 5:58:01 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 1/21/2010 5:58:03 PM | Computer Name = DESIGN | Source = DCOM | ID = 10005
Description = DCOM got error "%2" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 1/21/2010 5:58:03 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7000
Description = The Automatic Updates service failed to start due to the following
error: %%2
Error - 1/21/2010 5:58:16 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7028
Description = The wuauserv Registry key denied access to SYSTEM account programs
so the Service Control Manager took ownership of the Registry key.
Error - 1/21/2010 6:09:06 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7031
Description = The DCOM Server Process Launcher service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Reboot the machine.
Error - 1/21/2010 6:09:06 PM | Computer Name = DESIGN | Source = Service Control Manager | ID = 7034
Description = The Terminal Services service terminated unexpectedly. It has done
this 1 time(s).
< End of report >