OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Sharon\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 198.14 Gb Free Space | 85.08% Space Free | Partition Type: NTFS
Drive R: | 1397.26 Gb Total Space | 87.78 Gb Free Space | 6.28% Space Free | Partition Type: NTFS
Drive S: | 73.80 Gb Total Space | 0.59 Gb Free Space | 0.80% Space Free | Partition Type: NTFS
Drive T: | 111.78 Gb Total Space | 0.92 Gb Free Space | 0.82% Space Free | Partition Type: NTFS
Drive V: | 75.25 Gb Total Space | 7.49 Gb Free Space | 9.96% Space Free | Partition Type: NTFS
Drive W: | 279.46 Gb Total Space | 171.47 Gb Free Space | 61.36% Space Free | Partition Type: NTFS
Drive X: | 93.16 Gb Total Space | 7.14 Gb Free Space | 7.66% Space Free | Partition Type: NTFS
Drive Y: | 93.16 Gb Total Space | 8.51 Gb Free Space | 9.13% Space Free | Partition Type: NTFS
Drive Z: | 111.78 Gb Total Space | 1.82 Gb Free Space | 1.63% Space Free | Partition Type: NTFS
Computer Name: XPS-GEN4 | User Name: Sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Sharon\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\CtHelper.exe (Creative Technology Ltd)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Sharon\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ctagent.dll (Creative Technology Ltd)
========== Win32 Services (SafeList) ==========
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (SMTPSVC) Simple Mail Transfer Protocol (SMTP) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (MSFtpsvc) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
SRV - (lxcy_device) -- C:\WINDOWS\System32\lxcycoms.exe ( )
========== Driver Services (SafeList) ==========
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110307.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110307.002\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (WpsHelper) -- C:\WINDOWS\system32\drivers\wpshelper.sys (Symantec Corporation)
DRV - (cpuz134) -- C:\WINDOWS\system32\drivers\cpuz134_x32.sys (Windows ® Win 7 DDK provider)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (SysPlant) -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys (Symantec Corporation)
DRV - (WPS) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys (Symantec Corporation)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV - (CTERFXFX) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys (Creative Technology Ltd)
DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV - (CTSBLFX) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV - (CTAUDFX) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV - (COMMONFX) -- C:\WINDOWS\system32\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV - (SRTSPL) -- C:\WINDOWS\system32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\srtspx.sys (Symantec Corporation)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Teefer2) -- C:\WINDOWS\system32\drivers\Teefer2.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (COH_Mon) -- C:\WINDOWS\system32\drivers\COH_Mon.sys (Symantec Corporation)
DRV - (RMCAST) -- C:\WINDOWS\system32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (MQAC) -- C:\WINDOWS\system32\drivers\mqac.sys (Microsoft Corporation)
DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (CT20XUT.DLL) -- C:\WINDOWS\system32\CT20XUT.DLL (Creative Technology Ltd.)
DRV - (CTHWIUT.DLL) -- C:\WINDOWS\system32\CTHWIUT.DLL (Creative Technology Ltd.)
DRV - (CTEXFIFX.DLL) -- C:\WINDOWS\system32\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV - (CTEDSPSY.DLL) -- C:\WINDOWS\system32\CTEDSPSY.DLL (Creative Technology Ltd)
DRV - (CTEDSPIO.DLL) -- C:\WINDOWS\system32\CTEDSPIO.DLL (Creative Technology Ltd)
DRV - (CTEDSPFX.DLL) -- C:\WINDOWS\system32\CTEDSPFX.DLL (Creative Technology Ltd)
DRV - (CTEAPSFX.DLL) -- C:\WINDOWS\system32\CTEAPSFX.DLL (Creative Technology Ltd)
DRV - (HabuFltr) -- C:\WINDOWS\system32\drivers\habu.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (actccid) -- C:\WINDOWS\system32\drivers\actccid.sys (ActivCard)
DRV - (OMCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o...40&l=dis&gct=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC BC C9 51 DB AE CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.14
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/03/16 18:21:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/01/10 01:55:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/07 08:51:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/07 08:52:20 | 000,000,000 | ---D | M]
[2011/01/10 18:23:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sharon\Application Data\Mozilla\Extensions
[2011/01/10 18:23:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sharon\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/03/07 09:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sharon\Application Data\Mozilla\Firefox\Profiles\m3gomimg.default\extensions
[2011/01/10 18:23:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sharon\Application Data\Mozilla\Firefox\Profiles\m3gomimg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/26 08:58:17 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Sharon\Application Data\Mozilla\Firefox\Profiles\m3gomimg.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/03/07 09:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/02 16:59:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/01/10 01:55:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2011/01/10 01:55:29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/12/03 11:35:08 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/12/03 11:35:08 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2011/01/10 01:55:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2010/12/03 11:35:08 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010/12/03 09:36:32 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/12/03 09:36:32 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/12/03 09:36:32 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/12/03 09:36:32 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/12/03 09:36:32 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/12/03 09:36:32 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/12/03 09:36:32 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: ([2011/01/06 19:47:30 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [\\SERVER1\EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Auto EPSON Stylus Photo R300 Series on SERVER1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LXCYCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1207706579921 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220 68.105.28.11
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/01 20:44:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk R:\
O32 - Unable to obtain root file information for disk Z:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/03/07 08:52:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/07 08:45:21 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/03/05 21:16:42 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/03/05 21:12:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/03/03 15:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\My Documents\hyattjobsearch.ftl_files
[2011/03/02 21:48:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\Application Data\Roxio
[2011/03/01 18:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\Application Data\Malwarebytes
[2011/03/01 18:06:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/01 18:06:54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/01 18:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/01 18:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/01 18:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\Desktop\Admin
[2011/02/28 17:41:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\My Documents\My Received Files
[2011/02/28 17:41:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sharon\IECompatCache
[2011/02/28 17:33:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2011/02/28 17:33:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2011/02/28 17:33:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2011/02/28 17:33:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2011/02/28 17:33:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2011/02/28 17:33:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2011/02/28 17:33:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2011/02/28 17:33:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2011/02/28 17:33:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2011/02/28 17:33:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2011/02/28 17:33:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2011/02/28 17:33:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2011/02/26 19:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\Application Data\Winamp
[2011/02/26 16:06:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\Application Data\FaxCtr
[2011/02/26 09:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Able2Extract
[2011/02/26 09:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\Investintech.com Inc
[2011/02/26 08:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2011/02/26 08:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\lx_cats
[2011/02/26 08:16:38 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2011/02/26 08:16:35 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll
[2011/02/26 08:16:35 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/02/26 08:16:16 | 000,339,968 | ---- | C] (Data Techniques, Inc.) -- C:\WINDOWS\System32\IMGMAN32.DLL
[2011/02/26 08:16:16 | 000,098,345 | ---- | C] (Data Techniques, Inc.) -- C:\WINDOWS\System32\IMHOST32.DLL
[2011/02/26 08:16:16 | 000,098,304 | ---- | C] (Data Techniques, Inc.) -- C:\WINDOWS\System32\IM31XPNG.DEL
[2011/02/26 08:16:16 | 000,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\WINDOWS\System32\IM31XTIF.DEL
[2011/02/26 08:16:16 | 000,049,152 | ---- | C] (Data Techniques, Inc.) -- C:\WINDOWS\System32\IM31IMG.DIL
[2011/02/26 08:16:16 | 000,012,288 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXPMONRC.DLL
[2011/02/26 08:16:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark Fax Solutions
[2011/02/26 08:16:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FaxCtr
[2011/02/26 08:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Fax Solutions
[2011/02/26 08:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3400 Series
[2011/02/26 08:15:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark 3400 Series
[2011/02/26 08:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2011/02/26 08:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2011/02/26 08:14:42 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll
[2011/02/26 08:14:42 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhcp.dll
[2011/02/26 08:14:41 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll
[2011/02/26 08:14:41 | 000,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll
[2011/02/26 08:14:41 | 000,462,848 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcyutil.dll
[2011/02/26 08:14:41 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll
[2011/02/26 08:14:40 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypmui.dll
[2011/02/26 08:14:40 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll
[2011/02/26 08:14:40 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll
[2011/02/26 08:14:40 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll
[2011/02/26 08:14:39 | 000,385,712 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyih.exe
[2011/02/26 08:14:39 | 000,200,704 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcyinsb.dll
[2011/02/26 08:14:39 | 000,176,128 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcyins.dll
[2011/02/26 08:14:39 | 000,147,456 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcyjswr.dll
[2011/02/26 08:14:39 | 000,106,496 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcyinsr.dll
[2011/02/26 08:14:38 | 000,983,107 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxcygf.dll
[2011/02/26 08:14:38 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll
[2011/02/26 08:14:38 | 000,537,264 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycoms.exe
[2011/02/26 08:14:38 | 000,086,016 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcycub.dll
[2011/02/26 08:14:38 | 000,077,824 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcycu.dll
[2011/02/26 08:14:38 | 000,036,864 | ---- | C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcycur.dll
[2011/02/26 08:14:37 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll
[2011/02/26 08:14:37 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll
[2011/02/26 08:14:37 | 000,381,616 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycfg.exe
[2011/02/26 08:14:37 | 000,077,824 | ---- | C] (Lexmark International) -- C:\WINDOWS\System32\lxcycfg.dll
[2011/02/26 08:14:23 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2011/02/25 22:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sharon\Desktop\Aflac
[2010/03/18 19:18:32 | 000,010,752 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2010/03/18 18:59:50 | 000,010,240 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Sharon\My Documents\*.tmp files -> C:\Documents and Settings\Sharon\My Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/07 09:08:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{79EB5CD7-F48D-4F86-B6D7-FC1CC3417C0C}.job
[2011/03/07 09:05:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/03/07 09:00:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/03/07 08:59:09 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2011/03/07 08:53:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/07 08:53:15 | 3219,296,256 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/07 08:48:57 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/03/07 08:48:57 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/03/07 08:48:56 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/03/07 08:48:56 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/03/07 08:48:56 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000003-00001102-00000004-20061102}.rfx
[2011/03/07 08:46:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/03 15:48:33 | 000,168,224 | ---- | M] () -- C:\Documents and Settings\Sharon\My Documents\hyattjobsearch.ftl.htm
[2011/03/02 23:29:14 | 000,001,768 | ---- | M] () -- C:\Documents and Settings\Sharon\My Documents\notarypracticetest1to5Document.rtf
[2011/03/01 20:49:30 | 004,931,933 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000003-00001102-00000004-20061102}.CDF
[2011/03/01 20:49:30 | 004,931,933 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000003-00001102-00000004-20061102}.BAK
[2011/03/01 18:06:58 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/01 01:32:46 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Sharon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/26 08:32:54 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Lexmark Imaging Studio - 3400 Series.LNK
[2011/02/26 08:17:11 | 000,033,527 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011/02/13 03:52:47 | 000,141,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/13 03:04:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Sharon\My Documents\*.tmp files -> C:\Documents and Settings\Sharon\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/07 08:53:15 | 3219,296,256 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/03 15:48:32 | 000,168,224 | ---- | C] () -- C:\Documents and Settings\Sharon\My Documents\hyattjobsearch.ftl.htm
[2011/03/02 23:29:01 | 000,001,768 | ---- | C] () -- C:\Documents and Settings\Sharon\My Documents\notarypracticetest1to5Document.rtf
[2011/03/01 18:06:58 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/26 08:32:54 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Lexmark Imaging Studio - 3400 Series.LNK
[2011/02/26 08:16:55 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll
[2011/02/26 08:16:53 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll
[2011/02/26 08:16:33 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll
[2011/02/26 08:16:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll
[2011/02/26 08:16:33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll
[2011/02/26 08:16:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2011/02/26 08:16:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2011/02/26 08:14:43 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll
[2011/02/26 08:14:38 | 000,581,173 | ---- | C] () -- C:\WINDOWS\System32\lxcyhelp.chm
[2011/02/26 08:14:36 | 000,033,527 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2011/02/26 08:14:36 | 000,001,834 | ---- | C] () -- C:\WINDOWS\System32\lxcy.loc
[2011/01/30 20:15:17 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Sharon\Local Settings\Application Data\fusioncache.dat
[2011/01/16 12:48:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2011/01/11 18:07:09 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Sharon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/10 21:42:35 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/10 01:39:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\ContextMenuExt.dll
[2011/01/09 22:39:43 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/01/09 22:39:43 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/01/09 22:39:41 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2011/01/09 22:39:39 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/01/09 22:39:38 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/01/09 22:39:37 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/01/08 17:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/08 15:32:22 | 000,000,025 | ---- | C] () -- C:\WINDOWS\sndx.ini
[2010/12/25 09:18:41 | 000,001,107 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010/12/10 18:27:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/10 18:05:27 | 000,069,632 | ---- | C] () -- C:\WINDOWS\RAUNINST.EXE
[2010/11/28 18:09:41 | 000,000,087 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2010/11/08 05:59:03 | 000,750,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/30 15:53:19 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2010/03/18 19:59:54 | 000,050,439 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2010/03/18 19:59:50 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/03/18 19:19:58 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2010/03/18 19:17:50 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\psconv.exe
[2010/03/18 19:07:54 | 000,386,852 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2010/03/18 19:07:54 | 000,051,787 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2010/03/18 19:03:12 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2010/03/18 19:02:14 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2010/03/18 19:00:42 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2010/03/18 19:00:28 | 000,241,084 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2010/03/18 19:00:28 | 000,115,166 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2010/03/18 18:59:56 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2010/03/18 18:59:56 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2010/03/18 18:59:54 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2010/03/17 17:15:27 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/07/08 15:10:56 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2009/02/09 19:16:36 | 000,001,265 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/02 17:07:48 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008/04/01 22:44:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/04/01 22:08:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/04/01 21:19:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2008/04/01 21:19:07 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\e000001.dat
[2008/04/01 20:46:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/01 20:41:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/01 12:34:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/01 12:33:20 | 000,141,240 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/09/29 01:36:06 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/09/29 01:36:06 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/09/29 01:36:06 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/14 20:11:54 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2007/04/12 07:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/03/22 14:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 14:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 03:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 03:00:00 | 000,588,660 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 03:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 03:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 03:00:00 | 000,117,220 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 03:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 03:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 03:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 03:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/01/22 09:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2011/01/09 02:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2011/01/16 12:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2011/01/10 02:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/12/10 17:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/12/10 17:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/02/09 19:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2011/01/10 19:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sharon\Application Data\ACD Systems
[2011/01/07 18:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sharon\Application Data\Windows Desktop Search
[2011/01/07 18:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sharon\Application Data\Windows Search
[2011/03/07 09:05:00 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/03/07 09:00:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2011/03/07 09:08:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{79EB5CD7-F48D-4F86-B6D7-FC1CC3417C0C}.job
========== Purity Check ==========
< End of report >
OTL extras:OTL Extras logfile created on: 3/7/2011 9:03:45 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Sharon\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 198.14 Gb Free Space | 85.08% Space Free | Partition Type: NTFS
Drive R: | 1397.26 Gb Total Space | 87.78 Gb Free Space | 6.28% Space Free | Partition Type: NTFS
Drive S: | 73.80 Gb Total Space | 0.59 Gb Free Space | 0.80% Space Free | Partition Type: NTFS
Drive T: | 111.78 Gb Total Space | 0.92 Gb Free Space | 0.82% Space Free | Partition Type: NTFS
Drive V: | 75.25 Gb Total Space | 7.49 Gb Free Space | 9.96% Space Free | Partition Type: NTFS
Drive W: | 279.46 Gb Total Space | 171.47 Gb Free Space | 61.36% Space Free | Partition Type: NTFS
Drive X: | 93.16 Gb Total Space | 7.14 Gb Free Space | 7.66% Space Free | Partition Type: NTFS
Drive Y: | 93.16 Gb Total Space | 8.51 Gb Free Space | 9.13% Space Free | Partition Type: NTFS
Drive Z: | 111.78 Gb Total Space | 1.82 Gb Free Space | 1.63% Space Free | Partition Type: NTFS
Computer Name: XPS-GEN4 | User Name: Sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 10.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\10.0\ACDSeeQV10.exe" "%1" (ACD Systems)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [opennew] -- explorer.exe /e, %1 (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
"C:\Documents and Settings\Sharon\My Documents\Downloads\facebook-pic000934519.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Documents and Settings\Sharon\My Documents\Downloads\facebook-pic000934519(2).exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\WINDOWS\system32\lxcycoms.exe" = C:\WINDOWS\system32\lxcycoms.exe:*:Enabled:3400 Series Server -- ( )
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{345112D9-0930-4A68-AB71-A831BA5DE7AA}" = Microsoft IntelliType Pro 6.2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{49272E0B-CF97-4BD6-85A0-9B1C59495850}_is1" = Able2Extract 7.0
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C41841F-0ED6-4A78-BD19-B188726D2D80}" = Hi-Speed USB-USB Network Cable
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3B4CE5-300C-4DFC-8CD1-D9C0E07015D1}" = Symantec Endpoint Protection
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF5A39FE-51FB-4BA3-B399-2D1F0C65D617}_is1" = AusLogics System Information
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1" = AusLogics Registry Defrag
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AudioCS" = Creative Audio Console
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"Belarc Advisor" = Belarc Advisor 8.1
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DCoder Image Source" = DCoder Image Source (remove only)
"Dell Support Center" = Dell Support Center
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"HaaliMkx" = Haali Media Splitter
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"Lexmark 3400 Series" = Lexmark 3400 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mavis Beacon Teaches Typing Deluxe 17" = Mavis Beacon Teaches Typing Deluxe 17
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"RealMedia" = RealMedia (remove only)
"SHOUTcast Source" = SHOUTcast Source (remove only)
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/7/2011 12:09:41 PM | Computer Name = XPS-GEN4 | Source = Application Error | ID = 1000
Description = Faulting application wuauclt.exe, version 7.4.7600.229, faulting module
esent.dll, version 5.1.2600.5512, fault address 0x00030db3.
Error - 3/7/2011 12:09:44 PM | Computer Name = XPS-GEN4 | Source = Application Error | ID = 1000
Description = Faulting application Smc.exe, version 11.0.6000.436, faulting module
tse.dll, version 11.0.6000.436, fault address 0x000310d5.
Error - 3/7/2011 12:09:48 PM | Computer Name = XPS-GEN4 | Source = Application Error | ID = 1000
Description = Faulting application SearchIndexer.exe, version 7.0.6001.16503, faulting
module esent.dll, version 5.1.2600.5512, fault address 0x00032000.
Error - 3/7/2011 12:14:13 PM | Computer Name = XPS-GEN4 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
Error - 3/7/2011 12:17:08 PM | Computer Name = XPS-GEN4 | Source = ESENT | ID = 475
Description = wuauclt (3140) The database page read from the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
at offset 20480 (0x0000000000005000) for 4096 (0x00001000) bytes failed verification
due to a page number mismatch. The expected page number was 4 (0x00000004) and
the actual page number was 22 (0x00000016). The read operation will fail with
error -1018 (0xfffffc06). If this condition persists then please restore the database
from a previous backup.
Error - 3/7/2011 12:38:29 PM | Computer Name = XPS-GEN4 | Source = ESENT | ID = 475
Description = wuauclt (3084) The database page read from the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
at offset 20480 (0x0000000000005000) for 4096 (0x00001000) bytes failed verification
due to a page number mismatch. The expected page number was 4 (0x00000004) and
the actual page number was 1 (0x00000001). The read operation will fail with error
-1018 (0xfffffc06). If this condition persists then please restore the database
from a previous backup.
Error - 3/7/2011 12:44:03 PM | Computer Name = XPS-GEN4 | Source = Symantec AntiVirus | ID = 16711720
Description = Symantec Endpoint Protection has determined that the virus definitions
are missing on this computer. This computer will remain unprotected from viruses
until virus definitions are downloaded to this computer.Application has encountered
an error. For more information, please go to: http://www.symantec....ld=symantec_ent
Error - 3/7/2011 12:46:59 PM | Computer Name = XPS-GEN4 | Source = MSMQ | ID = 2053
Description = The checkpoint file for incoming sequences cannot be initialized. The
files MQInSeqs.lg1 and MQInSeqs.lg2 in the Msmq\Storage folder are corrupted or
absent. To start the Message Queuing service without loosing consistency, you must
correct or recover these files (e.g. from a backup). To start the service for emergency
use (with a potential loss of data consistency), delete the files QMLog, MQTrans.lg1,
MQTrans.lg2, MQInSeqs.lg1, and MQInSeqs.lg2 from the Msmq\Storage folder and add
the DWORD registry key HKLM\Software\Microsoft\MSMQ\Parameters\LogDataCreated with
a value of 0.
Error - 3/7/2011 12:50:26 PM | Computer Name = XPS-GEN4 | Source = Symantec AntiVirus | ID = 16711720
Description = Symantec Endpoint Protection has determined that the virus definitions
are missing on this computer. This computer will remain unprotected from viruses
until virus definitions are downloaded to this computer.Application has encountered
an error. For more information, please go to: http://www.symantec....ld=symantec_ent
Error - 3/7/2011 12:54:12 PM | Computer Name = XPS-GEN4 | Source = Symantec AntiVirus | ID = 16711720
Description = Symantec Endpoint Protection has determined that the virus definitions
are missing on this computer. This computer will remain unprotected from viruses
until virus definitions are downloaded to this computer.Application has encountered
an error. For more information, please go to: http://www.symantec....ld=symantec_ent
[ System Events ]
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = SRTSP | ID = 524292
Description = Error loading virus definitions.
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = SRTSP | ID = 524293
Description = Error loading Symantec real time Anti-Virus driver.
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = SRTSPL | ID = 458772
Description = Unable to initialize the virus scanning engine database files.
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = SRTSP | ID = 524292
Description = Error loading virus definitions.
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = SRTSP | ID = 524293
Description = Error loading Symantec real time Anti-Virus driver.
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = SRTSPL | ID = 458772
Description = Unable to initialize the virus scanning engine database files.
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = Service Control Manager | ID = 7000
Description = The SRTSP service failed to start due to the following error: %%31
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = Service Control Manager | ID = 7000
Description = The SRTSPL service failed to start due to the following error: %%31
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = Service Control Manager | ID = 7000
Description = The SRTSP service failed to start due to the following error: %%31
Error - 3/7/2011 12:57:05 PM | Computer Name = XPS-GEN4 | Source = Service Control Manager | ID = 7000
Description = The SRTSPL service failed to start due to the following error: %%31
< End of report >