Here is OTL.Txt:
OTL logfile created on: 5/4/2011 10:11:48 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\All Users\Desktop\Anti Malware
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 528.00 Mb Available Physical Memory | 52.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 21.68 Gb Free Space | 19.39% Space Free | Partition Type: NTFS
Computer Name: HME-VJQDGJMFP3P | User Name: weissfamily | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/04 22:08:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Desktop\Anti Malware\OTL.exe
PRC - [2011/03/18 13:53:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/05/04 22:08:56 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\All Users\Desktop\Anti Malware\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/11/25 09:49:46 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2008/01/26 16:05:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2006/08/03 09:15:08 | 000,208,896 | ---- | M] (None) [Auto | Stopped] -- C:\Program Files\WatchDog\wdserver.exe -- (wdserver)
SRV - [2005/01/27 19:16:58 | 000,856,064 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:23:36 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:23:34 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:23:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2009/12/08 22:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/10/12 21:24:56 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/12 21:24:54 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/12 21:24:52 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/06/19 16:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/04/02 09:14:04 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Nexon\MapleStory\npkcrypt.sys -- (npkcrypt)
DRV - [2008/01/22 17:38:02 | 002,845,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/12/26 22:25:10 | 000,020,736 | R--- | M] (ZDC., Inc. (ZDC)) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\ZDCndis5.sys -- (ZDCNDIS5)
DRV - [2007/08/01 23:47:26 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2006/10/19 23:20:00 | 000,019,712 | ---- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ndicql.sys -- (ndicql)
DRV - [2005/01/27 19:08:02 | 000,099,200 | ---- | M] (Nero AG) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005/01/27 19:07:34 | 000,028,928 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005/01/27 13:07:28 | 000,027,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2005/01/12 21:28:04 | 000,116,224 | ---- | M] (InterVideo) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IviUdf.sys -- (iviudf)
DRV - [2005/01/12 07:29:28 | 000,038,784 | ---- | M] (InterVideo) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ivicd.sys -- (ivicd)
DRV - [2004/10/19 19:06:48 | 000,008,320 | R--- | M] () [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\sbfshook.sys -- (SBFSHOOK)
DRV - [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 09:28:18 | 000,794,399 | ---- | M] (U.S. Robotics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USR1806V.SYS -- (USR1806V)
DRV - [2001/08/17 08:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4.sys -- (nv4)
DRV - [2001/08/17 08:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1998/09/25 07:06:00 | 000,044,032 | ---- | M] (Hewlett-Packard Company) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\HPW5ECP.SYS -- (HPW5ECP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/03 15:33:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/31 15:16:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/03/26 18:27:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/26 17:34:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/26 17:34:10 | 000,000,000 | ---D | M]
[2008/12/20 01:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\weissfamily\Application Data\Mozilla\Extensions
[2011/04/10 14:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\weissfamily\Application Data\Mozilla\Firefox\Profiles\yimajthb.default\extensions
[2009/09/22 11:08:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\weissfamily\Application Data\Mozilla\Firefox\Profiles\yimajthb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/28 17:59:32 | 000,000,000 | ---D | M] ("YoYo Games InstantPlay") -- C:\Documents and Settings\weissfamily\Application Data\Mozilla\Firefox\Profiles\yimajthb.default\extensions\[email protected]
[2011/03/26 17:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\WEISSFAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YIMAJTHB.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/03/31 15:16:40 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [schedule] C:\Program Files\InterVideo\Backup\Schedule.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [WINCINEMAMGR] C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Nero\data\Xtras\mssysmgr.exe (Ahead Software)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskBar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileUrl = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} http://support.f-sec...3beta/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames...ctivex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/08 00:07:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{31b70e2f-cd30-11dd-a932-0003472f50df}\Shell - "" = AutoRun
O33 - MountPoints2\{31b70e2f-cd30-11dd-a932-0003472f50df}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{31b70e2f-cd30-11dd-a932-0003472f50df}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{70601415-4fc8-11df-a86a-0003472f50df}\Shell - "" = AutoRun
O33 - MountPoints2\{70601415-4fc8-11df-a86a-0003472f50df}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70601415-4fc8-11df-a86a-0003472f50df}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{fcfc503a-9f2f-11dd-a8bf-0003472f50df}\Shell - "" = AutoRun
O33 - MountPoints2\{fcfc503a-9f2f-11dd-a8bf-0003472f50df}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fcfc503a-9f2f-11dd-a8bf-0003472f50df}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/01 05:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/05/01 05:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/04/30 23:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Weiss
[2011/04/30 23:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Weiss
[2011/04/30 23:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/04/30 23:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/04/10 08:49:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\weissfamily\Recent
[2011/04/10 06:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\weissfamily\Desktop\Copy of TempFolder
[2011/04/10 06:09:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\weissfamily\Desktop\TempFolder
[2011/04/09 23:25:18 | 000,000,000 | ---D | C] -- C:\Restore
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/04 22:03:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/04 14:06:46 | 000,012,064 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\d74p7yjp6gw7ndw575n
[2011/05/04 07:04:33 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/04 04:17:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\weissfamily\Local Settings\Application Data\prvlcl.dat
[2011/05/04 04:08:44 | 114,096,909 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/05/03 06:30:44 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/01 10:58:43 | 000,012,558 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\10rjhjf803023yk6e34772j836a5
[2011/04/30 23:33:50 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\weissfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/04/30 22:42:03 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/30 18:14:10 | 000,002,685 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2
[2011/04/30 18:05:44 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/04/28 15:44:17 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\weissfamily\Desktop\yo
[2011/04/24 20:27:07 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\weissfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2011/04/23 15:16:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/04/15 04:38:55 | 000,205,712 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 04:22:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/15 04:19:10 | 000,563,070 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/15 04:19:10 | 000,110,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/10 10:54:33 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\weissfamily\Desktop\Shortcut to Restore.lnk
[2011/04/10 08:51:56 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/09 23:03:49 | 000,000,392 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\18407220
[2011/04/09 22:55:52 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~18407220
[2011/04/09 22:33:31 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~18407220r
[2011/04/09 22:32:48 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\weissfamily\Desktop\Windows Restore.lnk
[2011/04/09 18:52:58 | 000,001,112 | ---- | M] () -- C:\WINDOWS\blocks.dat
[2011/04/09 18:46:50 | 000,000,128 | ---- | M] () -- C:\WINDOWS\hs1.dat
[2011/04/09 18:44:27 | 000,000,128 | ---- | M] () -- C:\WINDOWS\hs2.dat
[2011/04/06 19:27:06 | 000,000,014 | ---- | M] () -- C:\alrt_200.data
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/04 07:05:15 | 000,012,064 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\d74p7yjp6gw7ndw575n
[2011/05/04 07:05:15 | 000,012,064 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\d74p7yjp6gw7ndw575n
[2011/05/01 05:58:35 | 000,012,558 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\10rjhjf803023yk6e34772j836a5
[2011/05/01 05:58:35 | 000,012,558 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\10rjhjf803023yk6e34772j836a5
[2011/04/28 15:44:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\weissfamily\Desktop\yo
[2011/04/10 10:54:33 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\weissfamily\Desktop\Shortcut to Restore.lnk
[2011/04/10 08:51:56 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/09 23:15:13 | 000,002,206 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/09 22:33:31 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18407220r
[2011/04/09 22:33:31 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~18407220
[2011/04/09 22:32:48 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\weissfamily\Desktop\Windows Restore.lnk
[2011/04/09 22:32:37 | 000,000,392 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18407220
[2011/04/09 18:52:58 | 000,001,112 | ---- | C] () -- C:\WINDOWS\blocks.dat
[2011/04/09 18:34:29 | 000,000,128 | ---- | C] () -- C:\WINDOWS\hs2.dat
[2011/04/09 18:34:29 | 000,000,128 | ---- | C] () -- C:\WINDOWS\hs1.dat
[2011/03/08 00:52:24 | 000,214,814 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/10/03 15:19:20 | 000,215,012 | ---- | C] () -- C:\WINDOWS\hpoins35.dat
[2010/10/03 15:19:20 | 000,001,069 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat
[2010/08/16 20:35:42 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/08/16 20:35:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010/04/15 20:46:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\weissfamily\Local Settings\Application Data\prvlcl.dat
[2009/10/24 08:30:39 | 000,000,124 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/06 22:28:28 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\437D10BE23.sys
[2009/09/06 22:28:26 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/07/08 18:41:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/04/21 23:12:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009/03/28 08:45:22 | 011,846,176 | ---- | C] () -- C:\WINDOWS\System32\bthcache.dll
[2009/01/02 01:12:07 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/12/20 01:41:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/18 16:10:04 | 007,761,184 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/18 16:10:04 | 000,134,944 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2008/11/10 14:47:19 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\2Wire.ini
[2008/11/10 14:47:12 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\NB-WGASW.ini
[2008/10/28 21:32:00 | 000,079,590 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2008/10/25 09:07:55 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/02 08:56:42 | 000,009,845 | ---- | C] () -- C:\WINDOWS\System32\msw-njode.dll
[2008/09/28 21:07:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/09/28 21:00:33 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/09/28 20:59:39 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008/09/28 20:59:31 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/09/28 20:59:30 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/09/28 20:59:29 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/09/28 20:59:29 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/09/04 18:19:01 | 000,001,682 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/09/04 18:19:01 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\23BE107D43.sys
[2008/08/06 22:38:56 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2008/03/17 21:48:08 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\weissfamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/15 14:22:13 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\mse-cjodd.dll
[2008/01/26 16:15:48 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/01/09 16:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2008/01/09 16:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/12/30 19:32:04 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/11/12 15:44:25 | 000,002,418 | ---- | C] () -- C:\WINDOWS\HPW5CSS.INI
[2007/11/12 15:44:25 | 000,000,921 | ---- | C] () -- C:\WINDOWS\HPW5DSM.INI
[2007/11/12 14:32:30 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2007/11/12 14:32:29 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2007/11/11 21:44:53 | 000,026,337 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/11/10 22:24:24 | 000,008,320 | R--- | C] () -- C:\WINDOWS\System32\drivers\sbfshook.sys
[2007/11/10 22:21:33 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\udffsrec.sys
[2007/11/10 22:20:59 | 000,026,694 | ---- | C] () -- C:\WINDOWS\HWS.exe
[2007/11/10 22:20:58 | 000,026,694 | ---- | C] () -- C:\WINDOWS\HMD.exe
[2007/11/10 22:20:20 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/11/10 22:20:20 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/11/10 22:20:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/11/10 22:20:20 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/11/10 22:20:20 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/11/10 22:20:20 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/11/10 22:18:46 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2007/11/10 22:18:33 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2007/11/10 10:13:09 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/10 10:13:08 | 000,060,565 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007/11/10 10:13:08 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007/11/10 10:13:08 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2007/11/10 10:13:08 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2007/11/10 10:13:08 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2007/11/10 10:13:08 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2007/11/10 10:13:08 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2007/11/10 10:13:08 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2007/11/10 10:13:08 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2007/11/10 10:13:08 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2007/11/10 10:13:08 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2007/11/10 10:13:08 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2007/11/10 10:13:08 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2007/11/10 10:10:24 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPCX3800.ini
[2007/11/10 10:04:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/11/09 23:34:01 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/11/08 21:46:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/11/08 00:05:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/11/07 18:56:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/11/07 18:56:09 | 000,205,712 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/08/21 18:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007/08/21 16:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2005/08/30 00:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005/08/30 00:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005/08/30 00:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2004/08/02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/04 11:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2002/02/25 16:40:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\createcert.exe
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,563,070 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,110,644 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,011,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2000/08/04 16:24:48 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ImageUtils.dll
[1999/05/17 13:55:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
========== LOP Check ==========
[2011/03/26 18:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/03/26 18:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/26 18:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/03/27 16:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2011/03/14 16:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/01/11 11:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2008/12/17 18:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2008/07/28 11:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2007/11/10 09:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/11/09 23:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2011/03/26 17:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/08/16 20:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011/02/20 17:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2007/11/11 21:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/03/31 15:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames
[2009/11/25 23:35:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\weissfamily\Application Data\.#
[2011/04/06 18:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\.minecraft
[2008/01/09 17:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\acccore
[2008/08/06 22:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Atari
[2011/03/26 18:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\AVG10
[2008/04/14 10:21:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\BitTorrent
[2008/03/21 15:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\ImgBurn
[2008/04/11 20:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\InterVideo
[2007/11/10 10:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Leadertech
[2008/04/17 18:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Nexon
[2008/03/21 12:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\OnReally
[2008/03/19 08:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\ScanSoft
[2007/11/11 21:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Simple Star
[2007/11/12 08:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Snapfish
[2010/01/20 19:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Snood
[2010/03/25 16:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\SPORE
[2010/02/11 20:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\TeamViewer
[2008/04/13 19:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\weissfamily\Application Data\Wizards of the Coast
[2011/04/30 18:05:44 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
========== Purity Check ==========
< End of report >
Here is Extras.Txt:
OTL Extras logfile created on: 5/4/2011 10:11:48 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\All Users\Desktop\Anti Malware
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 528.00 Mb Available Physical Memory | 52.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 21.68 Gb Free Space | 19.39% Space Free | Partition Type: NTFS
Computer Name: HME-VJQDGJMFP3P | User Name: weissfamily | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe" = C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion -- (Ensemble Studios)
"C:\Program Files\Firefly Studios\Stronghold Legends\StrongholdLegends.exe" = C:\Program Files\Firefly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends -- (Firefly Studios)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\Launcher.exe" = C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\BackgroundDownloader.exe" = C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe" = C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe" = C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe" = C:\Documents and Settings\weissfamily\My Documents\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_51611\pong3.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_51611\pong3.exe:*:Disabled:pong3
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_16962\MMO Engine Server v1.10_39dll.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_16962\MMO Engine Server v1.10_39dll.exe:*:Enabled:MMO Engine Server v1.10_39dll
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_51585\MMO Engine Server v1.10_39dll.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_51585\MMO Engine Server v1.10_39dll.exe:*:Enabled:MMO Engine Server v1.10_39dll
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_13065\MMO Engine Server v1.10_39dll.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_13065\MMO Engine Server v1.10_39dll.exe:*:Enabled:MMO Engine Server v1.10_39dll
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_34067\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_34067\escapedlls.exe:*:Enabled:escapedlls
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_97332\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_97332\escapedlls.exe:*:Enabled:escapedlls
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_16048\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_16048\escapedlls.exe:*:Enabled:escapedlls
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_14263\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_14263\escapedlls.exe:*:Enabled:escapedlls
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_25961\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_25961\escapedlls.exe:*:Enabled:escapedlls
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_8868\Server.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_8868\Server.exe:*:Enabled:Server
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_18432\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_18432\escapedlls.exe:*:Enabled:escapedlls
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Steam\steamapps\common\global agenda live\Binaries\GlobalAgenda.exe" = C:\Program Files\Steam\steamapps\common\global agenda live\Binaries\GlobalAgenda.exe:*:Enabled:Global Agenda - Demo -- (HiRez Studios, Inc.)
"D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_11674\escapedlls.exe" = C:\Documents and Settings\weissfamily\Local Settings\temp\gm_ttt_11674\escapedlls.exe:*:Enabled:escapedlls
"C:\StarCraft II\StarCraft II.exe" = C:\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011A2240-08DF-45BB-AA4E-1A78637CCF80}" = RPS CRT
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05AB8EF0-F783-11DF-83AC-001279CD8240}" = Google Earth Plug-in
"{07F754F7-0C4E-89FC-96F6-A896CD864FE7}" = Catalyst Control Center Graphics Previews Common
"{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21BB0483-3D43-46A7-A63F-72C702701438}" = GameShadow
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26927548-A6FC-CDE0-AF22-5152455FC071}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 15
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2B072A33-D445-46D5-9442-7B41F5171AAC}" = Guitar Hero Explorer
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3A8FE85D-250F-551E-B64B-1C6853941291}" = Catalyst Control Center Localization Spanish
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C6EC3D9-BB89-7969-C366-EF522E3D5F8E}" = Catalyst Control Center Localization German
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F91DEEC-4564-30B3-0BFE-8631ADEE49FE}" = Catalyst Control Center Localization Chinese Standard
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{434C1C78-572D-1786-0D4A-6B9FE0EDD889}" = Catalyst Control Center Core Implementation
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{5BF93AB1-BDB4-C050-92A3-20EE4BEB5C29}" = Catalyst Control Center Graphics Full New
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6A678882-C903-2C73-0BB2-F2D5DE72058B}" = Skins
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{783A7FED-F7B0-419E-7108-A38835BE0611}" = Catalyst Control Center Graphics Full Existing
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BB9A40-FB1A-1199-35B8-2A3F1C85E43F}" = ccc-utility
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{888F0154-4AAA-4719-BFAE-01C3066B8408}" = C309a
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AEEE6D6-C95D-465A-B8D3-B7AE2FA7B8B4}" = InterVideo MediaOne
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{962E05CF-3394-496D-0091-850CF1762F6B}" = The Battle for Middle-earth
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{980466BF-1A94-1AFD-12AC-B5D3018701FE}" = ccc-core-preinstall
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B40FEE5-85E8-4851-89AD-66E2A1B4DC04}" = MapleStory
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A088AF9D-0B94-4C33-B327-E5B494CE810B}" = PS_AIO_05_C309_Software_Min
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6EEA370-C656-528D-8237-3476C4C726F7}" = CCC Help English
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9794555-737D-BDEF-5362-60ECCA333460}" = CCC Help French
"{A9B54408-EF50-4821-B8A2-F597A657112A}" = HP Photosmart C309a All-In-One Driver Software 13.0 Rel .5
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.1-alpha-5.1
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}" = Magic Online III
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4C0A315-07FB-39F9-85CD-8CE20C019350}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BBF08789-06CB-4D2F-9330-CD617AFDE528}" = Fax
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C593B9FC-6CBF-618A-F587-8A663CFF4360}" = CCC Help Spanish
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB8B8F48-1FE7-491B-277D-C5AD57B18345}" = Catalyst Control Center Localization French
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1846BA1-6118-3EDF-8C57-6E1A04646738}" = Microsoft Visual C++ 2008 Express Edition - ENU
"{D21553E9-2EC5-4E8C-AB71-07AC07D50BBC}" = EPSON PhotoCenter
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF38F332-2AC3-37FF-9FDC-8C4C80E531FB}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{E348508F-82A6-4BC1-D96A-B73E439FF124}" = CCC Help Chinese Standard
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9496016-7286-578D-6A03-D3C6F1DADDFD}" = CCC Help German
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{F098512F-5EA8-4852-AC04-016A5C0D480E}" = Torrent Episode Downloader
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F7AF6E0F-FB04-C7EB-4FF6-5253E67374DA}" = Catalyst Control Center Graphics Light
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FDCE9C15-EB45-11D5-89C7-0050DA162A25}" = PaperPort 9.0
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"7-Zip" = 7-Zip 4.65
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"CCleaner" = CCleaner (remove only)
"CD/DVD-ROM Generator" = CD/DVD-ROM Generator 1.20
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"Dr. Lunatic Supreme With Cheese_is1" = Dr. Lunatic Supreme With Cheese v7.41
"DVD Shrink_is1" = DVD Shrink 3.2
"EADM" = EA Download Manager
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"Game Maker 7.0" = Game Maker 7.0
"HijackThis" = HijackThis 2.0.2
"Hijackthis_is1" = Hijackthis 1.99.1
"hon" = Heroes of Newerth
"HP DeskJet 1120C Printer" = HP DeskJet 1120C Printer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"HyperCam 2" = HyperCam 2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImgBurn" = ImgBurn (Remove Only)
"Indeo® software" = Indeo® software
"InterActual Player" = InterActual Player
"jZip" = jZip
"Lemmings Revolution" = Lemmings Revolution
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual C++ 2008 Express Edition - ENU" = Microsoft Visual C++ 2008 Express Edition - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"Nero PhotoShow Express" = Nero PhotoShow Express
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = NeroMIX
"Phantasy Star Online Blue Burst_is1" = Phantasy Star Online Blue Burst 1.0
"Plants vs. Zombies" = Plants vs. Zombies
"PROSet" = Intel® PRO Network Connections Drivers
"RPG Maker VX RTP_is1" = RPG Maker VX RTP
"RPG Maker VX_is1" = RPG Maker VX
"Shop for HP Supplies" = Shop for HP Supplies
"Silent Package Run-Time Sample" = EPSON CX 3800 Guide
"Snood 4_is1" = Snood 4
"Speccy" = Speccy
"StarCraft II" = StarCraft II
"Steam App 17050" = Global Agenda - Demo
"TeamViewer 5" = TeamViewer 5
"WatchDog" = WatchDog
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"World of Warcraft" = World of Warcraft
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"ZC2.10w" = Zelda Classic 2.10w
"Zoombinis Island Odyssey" = Zoombinis Island Odyssey
"Zoombinis Mountain Rescue" = Zoombinis Mountain Rescue
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/4/2011 11:25:19 AM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 5/4/2011 1:35:47 PM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 5/4/2011 3:47:10 PM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 5/4/2011 3:47:11 PM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
Error - 5/4/2011 3:56:38 PM | Computer Name = HME-VJQDGJMFP3P | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module unknown, version 0.0.0.0, fault address 0xffffffff.
Error - 5/4/2011 5:14:27 PM | Computer Name = HME-VJQDGJMFP3P | Source = Application Error | ID = 1001
Description = Fault bucket -1897022062.
Error - 5/4/2011 5:57:23 PM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 5/4/2011 7:53:06 PM | Computer Name = HME-VJQDGJMFP3P | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module unknown, version 0.0.0.0, fault address 0xffffffff.
Error - 5/4/2011 8:07:49 PM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 5/4/2011 8:07:49 PM | Computer Name = HME-VJQDGJMFP3P | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.
[ System Events ]
Error - 5/4/2011 2:49:40 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 5/4/2011 2:49:41 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 5/4/2011 2:50:08 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 5/4/2011 6:41:24 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 5/4/2011 6:43:05 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 5/4/2011 6:44:16 PM | Computer Name = HME-VJQDGJMFP3P | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Avgldx86 Avgmfx86 avgnt Fips intelppm pavboot SASDIFSV SASKUTIL
Error - 5/4/2011 6:45:21 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 5/4/2011 10:02:00 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 5/4/2011 10:03:44 PM | Computer Name = HME-VJQDGJMFP3P | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 5/4/2011 10:04:46 PM | Computer Name = HME-VJQDGJMFP3P | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Avgldx86 Avgmfx86 avgnt Fips intelppm pavboot SASDIFSV SASKUTIL
< End of report >