My email: [email protected]
OTL Log
OTL logfile created on: 06/03/2011 10:48:37 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\John Manley\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy
1,014.00 Mb Total Physical Memory | 249.00 Mb Available Physical Memory | 25.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.91 Gb Total Space | 64.89 Gb Free Space | 69.84% Space Free | Partition Type: NTFS
Computer Name: JOHNMANLEY | User Name: John Manley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/06 22:47:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Manley\Desktop\OTL.exe
PRC - [2011/02/19 17:41:46 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/02 05:00:54 | 000,918,184 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
PRC - [2011/02/02 05:00:53 | 000,508,584 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32.exe
PRC - [2011/01/04 05:02:23 | 000,372,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/12/20 05:02:23 | 000,063,992 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\ORSP Client\fsorsp.exe
PRC - [2010/06/12 18:28:01 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\FWES\program\fsdfwd.exe
PRC - [2009/08/05 07:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
PRC - [2009/08/05 07:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Common\FSM32.EXE
PRC - [2009/08/05 07:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Common\FSHDLL32.EXE
PRC - [2009/08/05 07:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/05 14:02:24 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2005/12/20 11:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005/12/05 08:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/11/30 12:25:22 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2005/11/28 07:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/11/28 07:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/11/16 23:44:38 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PRC - [2005/11/02 00:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/10/06 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/16 11:23:12 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005/05/31 17:00:12 | 000,282,624 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/05/31 16:59:58 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/04/26 16:13:20 | 000,122,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/03/11 15:03:16 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2005/01/17 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/12/30 00:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2004/08/27 08:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/27 08:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2004/08/17 11:37:44 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
========== Modules (SafeList) ==========
MOD - [2011/03/06 22:47:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Manley\Desktop\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/08/05 07:59:08 | 000,256,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\COGECO Security Services\Spam Control\fsscoepl.dll
MOD - [2009/08/05 07:58:30 | 000,330,336 | ---- | M] () -- \\?\c:\program files\cogeco security services\hips\fshook32.dll
MOD - [2002/03/03 04:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/12/20 05:02:23 | 000,063,992 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\COGECO Security Services\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010/09/01 11:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/06/12 18:28:01 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009/08/05 07:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\COGECO Security Services\Common\FSMA32.EXE -- (FSMA)
SRV - [2009/08/05 07:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2008/12/01 08:01:02 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper) getPlus®
SRV - [2005/12/20 11:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/01/17 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 08:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
========== Driver Services (SafeList) ==========
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/16 16:36:30 | 000,082,120 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2010/12/15 05:08:02 | 000,042,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010/11/29 19:10:48 | 000,130,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\COGECO Security Services\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2009/08/05 07:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\COGECO Security Services\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009/08/05 07:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\COGECO Security Services\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009/08/05 07:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\COGECO Security Services\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2005/12/09 00:48:40 | 004,123,136 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/12/05 01:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/30 11:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/11/29 18:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 08:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/14 17:00:22 | 001,122,656 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/20 14:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/13 14:01:42 | 000,009,984 | R--- | M] (WebDialogs, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmirror.sys -- (wdmirror)
DRV - [2005/09/09 14:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/06/01 11:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2003/09/19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/01/28 22:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/01/24 10:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = about:blank
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: [email protected]:1.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\COGECO Security Services\NRS\[email protected] [2010/09/07 06:18:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/03 09:25:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/03 09:25:56 | 000,000,000 | ---D | M]
[2008/07/03 04:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John Manley\Application Data\Mozilla\Extensions
[2011/03/06 16:12:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John Manley\Application Data\Mozilla\Firefox\Profiles\25chhgcm.default\extensions
[2010/10/29 05:12:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\John Manley\Application Data\Mozilla\Firefox\Profiles\25chhgcm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/11 15:26:09 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\John Manley\Application Data\Mozilla\Firefox\Profiles\25chhgcm.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2011/03/05 14:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/16 23:37:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/09/07 06:18:48 | 000,000,000 | ---D | M] ("Browsing Protection") -- C:\PROGRAM FILES\COGECO SECURITY SERVICES\NRS\[email protected]
[2011/02/16 23:37:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/11/14 21:52:57 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2009/11/14 21:52:57 | 000,126,360 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2009/02/20 10:54:36 | 000,046,408 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\atmccli.dll
[2009/11/14 21:53:04 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\ieatgpc.dll
[2008/02/09 18:36:52 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2011/02/16 23:37:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\COGECO Security Services\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\COGECO Security Services\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\COGECO Security Services\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\COGECO Security Services\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [ISMModule2] File not found
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\COGECO Security Services\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\COGECO Security Services\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\COGECO Security Services\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\COGECO Security Services\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.goo...3/uploader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by137fd.bay13...es/MsnPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...erInstaller.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.mac...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://disnat-eng.w...ent/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\John Manley\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\John Manley\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/21 02:35:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/03/06 22:47:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\John Manley\Desktop\OTL.exe
[2011/03/06 22:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/06 22:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Manley\Start Menu\Programs\HiJackThis
[2011/03/06 22:10:28 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\John Manley\Desktop\HijackThis.exe
[2011/03/06 09:59:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/03/05 13:49:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/05 13:17:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/05 13:17:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/05 13:17:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/05 13:17:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/05 13:08:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/05 13:01:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/03/05 13:01:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/03/05 12:19:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Manley\Application Data\Malwarebytes
[2011/03/05 12:19:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/05 12:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/05 12:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/05 12:19:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/05 12:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/28 20:54:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Manley\Application Data\TightVNC
[2011/02/28 20:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John Manley\showmypc
[2011/02/16 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2006/03/02 22:07:17 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\John Manley\*.tmp files -> C:\Documents and Settings\John Manley\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[7051/02/22 18:36:15 | 000,000,006 | -H-- | M] () -- C:\rasmon.bin
[2011/03/06 22:47:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John Manley\Desktop\OTL.exe
[2011/03/06 22:11:29 | 000,001,996 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\HiJackThis.lnk
[2011/03/06 22:10:21 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\John Manley\Desktop\HijackThis.exe
[2011/03/06 22:09:52 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\HijackThis.msi
[2011/03/06 13:05:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/06 13:05:17 | 1063,309,312 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/06 13:05:17 | 000,377,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/06 12:59:34 | 000,451,734 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/06 12:59:34 | 000,075,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/06 12:31:34 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/06 00:50:06 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2011/03/05 13:50:51 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\John Manley\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/05 13:50:36 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/05 13:49:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/05 13:07:42 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/03/05 12:19:25 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/04 12:40:16 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Microsoft Office Word 2007.lnk
[2011/03/03 14:04:15 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\John Manley\Local Settings\Application Data\PUTTY.RND
[2011/03/03 09:26:04 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\John Manley\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/03 09:26:04 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/03/01 22:51:36 | 000,075,360 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Ron John 1.jpg
[2011/03/01 22:44:27 | 001,751,704 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Ella.JPG
[2011/03/01 21:51:38 | 000,345,988 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Ron John.JPG
[2011/03/01 20:03:53 | 000,065,618 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\2-25-11-Swing-Analog-1907-2009.gif
[2011/03/01 09:27:21 | 000,504,364 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Trading - Jan Feb 2011.jpg
[2011/02/28 22:26:07 | 076,327,052 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\jake3b.zip
[2011/02/28 13:02:43 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/02/24 17:56:49 | 000,240,837 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\ES Market structure.jpg
[2011/02/22 22:13:12 | 000,092,060 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Wedding day.jpg
[2011/02/21 13:33:18 | 007,569,557 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Tore Down.mp3
[2011/02/14 17:08:13 | 000,384,783 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Address L.A..jpg
[2011/02/07 10:48:28 | 007,853,769 | ---- | M] () -- C:\Documents and Settings\John Manley\Desktop\Pretty Woman.mp3
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\John Manley\*.tmp files -> C:\Documents and Settings\John Manley\*.tmp -> ]
========== Files Created - No Company Name ==========
[7051/02/22 18:36:15 | 000,000,006 | -H-- | C] () -- C:\rasmon.bin
[2011/03/06 22:11:29 | 000,001,996 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\HiJackThis.lnk
[2011/03/06 22:10:04 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\HijackThis.msi
[2011/03/05 12:19:25 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/01 22:51:36 | 000,075,360 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\Ron John 1.jpg
[2011/03/01 22:44:25 | 001,751,704 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\Ella.JPG
[2011/03/01 21:51:36 | 000,345,988 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\Ron John.JPG
[2011/03/01 20:03:50 | 000,065,618 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\2-25-11-Swing-Analog-1907-2009.gif
[2011/03/01 09:27:21 | 000,504,364 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\Trading - Jan Feb 2011.jpg
[2011/02/28 22:25:20 | 076,327,052 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\jake3b.zip
[2011/02/24 17:56:49 | 000,240,837 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\ES Market structure.jpg
[2011/02/22 22:13:12 | 000,092,060 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\Wedding day.jpg
[2011/02/14 17:08:13 | 000,384,783 | ---- | C] () -- C:\Documents and Settings\John Manley\Desktop\Address L.A..jpg
[2010/06/12 16:52:20 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\John Manley\Local Settings\Application Data\housecall.guid.cache
[2010/05/10 13:27:50 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\John Manley\Local Settings\Application Data\PUTTY.RND
[2009/10/14 16:36:20 | 000,042,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/02/18 10:42:36 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\John Manley\Local Settings\Application Data\fusioncache.dat
[2009/02/04 07:23:52 | 000,000,042 | ---- | C] () -- C:\WINDOWS\ib.ini
[2008/12/02 20:40:02 | 000,157,546 | ---- | C] () -- C:\WINDOWS\hpoins29.dat
[2008/12/02 20:40:02 | 000,000,986 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat
[2008/06/01 14:45:54 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2007/08/14 19:06:00 | 000,001,299 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/08/14 12:30:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/06/03 11:17:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI
[2007/05/19 15:15:59 | 000,002,175 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/12/04 08:07:05 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\John Manley\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/18 05:06:15 | 000,027,136 | ---- | C] () -- C:\WINDOWS\toFront.dll
[2006/09/18 05:06:15 | 000,026,624 | ---- | C] () -- C:\WINDOWS\GetIe.dll
[2006/09/15 16:03:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\ddedll.dll
[2006/09/13 14:44:49 | 000,000,035 | ---- | C] () -- C:\WINDOWS\vbupdtx.ini
[2006/09/02 02:24:06 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HoadleyEXChains.dll
[2006/07/09 14:59:34 | 004,227,072 | ---- | C] () -- C:\WINDOWS\System32\qt-mt305.dll
[2006/07/09 05:15:07 | 001,236,992 | ---- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2006/07/09 05:15:07 | 001,187,840 | ---- | C] () -- C:\WINDOWS\System32\winsflt.dll
[2006/07/08 08:33:12 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2006/06/16 10:00:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HoadleyAMQuotesServer.dll
[2006/06/03 04:32:10 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\HoadleyESOptionChains.dll
[2006/03/07 01:54:41 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\HoadleyOXChains.dll
[2006/03/02 22:59:05 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/02 22:08:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2006/03/02 22:07:17 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/21 07:41:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/21 07:32:23 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/21 07:32:23 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/21 07:31:45 | 000,000,216 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/21 07:29:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/02/21 07:29:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/02/21 07:29:25 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/02/21 07:29:25 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/02/21 07:29:25 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/02/21 07:29:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/02/21 06:19:21 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2006/02/21 06:19:21 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2006/02/21 06:19:15 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/02/21 06:19:15 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/02/21 06:18:38 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/21 06:18:37 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/21 06:18:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/21 06:18:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/21 05:49:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/21 02:38:36 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/02/21 02:37:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/02/21 02:33:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/02/21 00:37:59 | 000,002,392 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/02/21 00:37:48 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/21 00:37:46 | 000,451,734 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/21 00:37:46 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/21 00:37:46 | 000,075,738 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/21 00:37:46 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/21 00:37:46 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/21 00:37:45 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/21 00:37:45 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/02/21 00:37:43 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/21 00:37:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/21 00:37:41 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/21 00:37:37 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/20 18:28:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/02/20 18:27:52 | 000,377,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/01/23 04:45:15 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\HoadleySWQuotesServer.dll
[2005/11/28 04:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/27 19:40:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HoadleyYHOHist.dll
[2005/10/14 13:09:48 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2005/09/02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/08/20 12:02:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\HoadleyESQuotesServer.dll
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/06/23 06:29:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\HoadleyCBOE.dll
[2005/05/16 06:12:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HoadleyNQOptionChains.dll
[2005/05/01 19:05:51 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HoadleyNQQuotesServer.dll
[2005/04/16 15:45:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HoadleyOXQuotesServer.dll
[2005/03/28 07:36:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HoadleyBullOptionChains.dll
[2004/12/13 13:24:43 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\HoadleyBullQuotesServer.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/13 02:46:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
========== LOP Check ==========
[2009/10/14 16:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/04/03 12:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2009/02/18 17:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\Blueberry
[2006/07/09 13:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\F-Secure
[2007/10/16 06:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\Hoadley
[2006/07/09 15:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\InterVideo
[2006/07/09 05:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\ispnews
[2007/06/19 17:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\LinkedIn
[2009/11/22 12:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\OptionsOracle
[2011/02/28 20:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\TightVNC
[2006/08/13 12:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\toshiba
[2010/05/11 14:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John Manley\Application Data\webex
[2011/03/06 00:50:06 | 000,000,508 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled scanning task.job
========== Purity Check ==========
Sorry... found an "Extra's Log File" also... not sure if this is important for you. Thought I should add. Thanks again!
OTL Extras logfile created on: 06/03/2011 11:12:28 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\John Manley\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy
1,014.00 Mb Total Physical Memory | 254.00 Mb Available Physical Memory | 25.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.91 Gb Total Space | 64.89 Gb Free Space | 69.84% Space Free | Partition Type: NTFS
Computer Name: JOHNMANLEY | User Name: John Manley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\1stWORKS\hotCommLite\BIN\hotComm.exe" = C:\Program Files\1stWORKS\hotCommLite\BIN\hotComm.exe:*:Enabled:hotComm Lite Client
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\Disnat Direct\DDquotes\viewer.exe" = C:\Program Files\Disnat Direct\DDquotes\viewer.exe:*:Enabled:viewer
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{130FA2D4-E5B3-4BA8-9C4A-70B615655319}" = Jing
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24
"{2C31929A-D6AB-4D0B-ABF9-4812A045CE97}" = OptionsOracle
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{329ABF30-0376-40AE-A8D2-231BF6AC605C}" = UFile Updater 2006
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{451BB54C-8B23-4455-8BDC-14FC7D43E056}" = MSXML4SP2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4E5D8DB3-B289-401D-8458-DF0125189210}" = WebEx Recording Editor
"{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
"{98C8C362-7F0B-477E-B67E-7AFD950A2DA1}" = WebEx Recorder and Player
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{AA4BA5E9-0447-43A2-B2A6-2D5DFF3DD5DC}" = Network Recording Player
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE93C501-8C33-4F0F-9590-0C006F03C823}" = Screencast.com Desktop Uploader
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus®
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E05A9720-36C5-11D2-8960-0020AFFA5563}" = FastWeb
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Bracket Trader_is1" = Bracket Trader 07.0130a28
"doPDF 5 printer_is1" = doPDF 5.0 printer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExtractNow_is1" = ExtractNow
"FastStone Capture" = FastStone Capture 4.7
"F-Secure Product 444" = COGECO Security Services
"Hoadley Options Excel Add-in_is1" = Excel Add-in
"Hoadley Options Strategy Evaluation Tool_is1" = Hoadley Options Strategy Evaluation Tool
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.14)" = Mozilla Firefox (3.6.14)
"MSNINST" = MSN
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Picasa2" = Picasa 2
"Power Saver" = TOSHIBA Power Saver
"ProInst" = Intel® PROSet/Wireless Software
"Projector" = Projector
"PROSet" = Intel® PRO Network Connections Drivers
"SerifDrawPlus40" = Serif DrawPlus 4.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"thinkorswim" = thinkorswim
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"Trader Workstation 4.0" = Trader Workstation 4.0
"TWS Interoperability Components" = TWS Interoperability Components
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Trader Workstation" = Trader Workstation
"TWS Beta (Build 8953)" = TWS Beta (Build 8953)
"TWS Demo" = TWS Demo
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01/03/2011 3:48:08 PM | Computer Name = JOHNMANLEY | Source = F-Secure Anti-Virus | ID = 103
Description = 2 2011-03-01 14:48:02-07:00 johnmanley JOHNMANLEY\John Manley
F-Secure Anti-Virus An error occurred while scanning \DEVICE\HARDDISKVOLUME1\DOCUMENTS
AND SETTINGS\JOHN MANLEY\LOCAL SETTINGS\TEMP\CHROME_1015\SOURCE\CHROME-BIN\9.0.597.107\AVFORMAT-52.DLL.
Error - 03/03/2011 7:47:22 PM | Computer Name = JOHNMANLEY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 03/03/2011 7:47:28 PM | Computer Name = JOHNMANLEY | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 03/03/2011 7:55:54 PM | Computer Name = JOHNMANLEY | Source = F-Secure Anti-Virus | ID = 103
Description = 3 2011-03-03 18:55:52-07:00 johnmanley JOHNMANLEY\John Manley
F-Secure Anti-Virus Malicious code found in file C:\Documents and Settings\John
Manley\Local Settings\Temp\9048.560842711491.exe. Infection: Trojan.Generic.KDV.130382
Action: The file was quarantined.
Error - 04/03/2011 1:39:47 PM | Computer Name = JOHNMANLEY | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2011-03-04 09:39:47-07:00 johnmanley JOHNMANLEY\John Manley
F-Secure Anti-Virus Manual scanning was finished - workstation was found infected!
Error - 05/03/2011 1:16:44 AM | Computer Name = JOHNMANLEY | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download....1A61C7DC25.crt>
with error: This operation returned because the timeout period expired.
Error - 05/03/2011 4:24:15 PM | Computer Name = JOHNMANLEY | Source = F-Secure Anti-Virus | ID = 103
Description = 1 2011-03-05 12:24:13-07:00 johnmanley JOHNMANLEY\John Manley
F-Secure Anti-Virus Malicious code found in file C:\Documents and Settings\John
Manley\o.0at. Infection: Trojan.Generic.4656981 Action: The file was quarantined.
Error - 05/03/2011 4:24:15 PM | Computer Name = JOHNMANLEY | Source = F-Secure Anti-Virus | ID = 103
Description = 2 2011-03-05 12:24:14-07:00 johnmanley JOHNMANLEY\John Manley
F-Secure Anti-Virus Malicious code found in file C:\Documents and Settings\John
Manley\o.0at. Infection: Trojan.Generic.4656981 Action: The file was quarantined.
Error - 06/03/2011 5:03:07 PM | Computer Name = JOHNMANLEY | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download....1A61C7DC25.crt>
with error: This operation returned because the timeout period expired.
Error - 07/03/2011 2:47:39 AM | Computer Name = JOHNMANLEY | Source = F-Secure DeepGuard | ID = 103
Description = 1 2011-03-06 22:47:38-07:00 johnmanley JOHNMANLEY\John Manley
F-Secure DeepGuard Application was blocked. This was determined to be a high-risk
application by system control heuristics. Application path: \\?\c:\documents and
settings\john manley\desktop\otl.exe File hash: 531612f4fa88e986e630d8370c6eb85c7abf5bf3
[ OSession Events ]
Error - 26/03/2008 8:07:09 PM | Computer Name = JOHNMANLEY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25648
seconds with 420 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 27/02/2011 7:14:11 PM | Computer Name = JOHNMANLEY | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.
Error - 28/02/2011 12:54:45 AM | Computer Name = JOHNMANLEY | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 01/03/2011 3:44:27 PM | Computer Name = JOHNMANLEY | Source = F-Secure Gatekeeper | ID = 327681
Description = Real-time scanning failure occurred. Intercepted file name=\Device\HarddiskVolume1\Docu...config.tmp.
For more information, please visit the customer support web pages at http://support.f-secure.com/enu/home/
for assistance.
Error - 03/03/2011 9:01:31 PM | Computer Name = JOHNMANLEY | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 04/03/2011 2:13:35 AM | Computer Name = JOHNMANLEY | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 04/03/2011 2:13:35 AM | Computer Name = JOHNMANLEY | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 04/03/2011 1:44:03 PM | Computer Name = JOHNMANLEY | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 05/03/2011 4:34:30 PM | Computer Name = JOHNMANLEY | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 05/03/2011 5:51:55 PM | Computer Name = JOHNMANLEY | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 06/03/2011 5:07:26 PM | Computer Name = JOHNMANLEY | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
< End of report >
< End of report >
Edited by spokes, 07 March 2011 - 01:18 AM.