Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Browser redirect plus removal of all desktop shortcuts


  • Please log in to reply

#1
ph1290

ph1290

    Member

  • Member
  • PipPip
  • 58 posts
Initially had virus (Microsoft Security Suite?) that MBAM seemed to take out. During this process, all shortcuts on one of my profiles disappeared off my desktop and Start Menu. I have to go to my hard drive program files folder to run a program. Now I've got a browser redirect issue that keeps me from going to Geekstogo.com. I am also getting numerous "script" errors. I ran OTL from a flashdrive. Here are the results

First the OTL file:

OTL logfile created on: 5/9/2011 8:34:01 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 36.36 Gb Free Space | 48.78% Space Free | Partition Type: NTFS
Drive D: | 3.65 Gb Total Space | 3.65 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Computer Name: 7-02650 | User Name: harrisap | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/09 08:40:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011/05/03 04:48:20 | 000,384,088 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
PRC - [2010/05/17 14:24:16 | 000,308,592 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2010/05/07 10:42:00 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/12/18 11:24:24 | 000,197,928 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/06 14:16:30 | 000,246,400 | ---- | M] (F5 Networks) -- C:\WINDOWS\system32\F5InstallerService.exe
PRC - [2006/03/17 07:34:30 | 000,124,656 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/03/17 07:34:24 | 000,115,952 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe
PRC - [2006/03/17 07:34:20 | 001,799,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/03/17 07:34:12 | 000,030,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/03/07 14:03:02 | 000,169,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/03/07 14:02:34 | 000,192,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/03/07 14:02:14 | 000,053,408 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/11/05 20:47:24 | 000,032,768 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\Sharp\Sharpdesk\SharpTray.exe
PRC - [2005/11/05 20:34:44 | 000,184,320 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\Sharp\Sharpdesk\Indexer.exe
PRC - [2005/11/05 20:32:54 | 000,106,496 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\Sharp\Sharpdesk\IndexTray.exe
PRC - [2005/11/05 20:04:26 | 000,688,128 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\Sharp\Sharpdesk\FTPServer.exe
PRC - [2005/11/05 20:01:42 | 000,544,768 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\Sharp\Sharpdesk\nsapp.exe
PRC - [2004/08/04 03:05:00 | 000,570,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2004/06/20 20:45:28 | 000,630,854 | ---- | M] (UltraVNC) -- C:\Program Files\UltraVNC\winvnc.exe
PRC - [2004/01/09 05:56:44 | 000,057,393 | ---- | M] (IBM Corp) -- C:\Notes\ntmulti.exe
PRC - [2002/10/30 16:59:12 | 000,364,544 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis1.exe


========== Modules (SafeList) ==========

MOD - [2011/05/09 08:40:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2008/04/13 20:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - [2010/05/17 14:24:16 | 000,308,592 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2009/12/18 11:25:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2007/10/06 14:16:30 | 000,246,400 | ---- | M] (F5 Networks) [Auto | Running] -- C:\WINDOWS\system32\F5InstallerService.exe -- (F5 Networks Component Installer)
SRV - [2006/03/17 07:34:24 | 000,115,952 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/03/17 07:34:20 | 001,799,408 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/03/17 07:34:12 | 000,030,448 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/03/07 14:03:02 | 000,169,632 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/03/07 14:02:34 | 000,192,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/02/23 12:41:02 | 002,045,632 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/02/06 13:50:24 | 001,160,848 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/01/24 21:06:58 | 000,214,720 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/08/04 03:05:00 | 000,570,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2004/06/20 20:45:28 | 000,630,854 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\WinVNC.exe -- (winvnc)
SRV - [2004/01/09 05:56:44 | 000,057,393 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Notes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2000/10/19 12:55:50 | 000,411,244 | ---- | M] () [On_Demand | Stopped] -- C:\oracle\ora81\bin\ONRSD.EXE -- (OracleOraHome81ClientCache)


========== Driver Services (SafeList) ==========

DRV - [2011/03/31 04:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110508.003\navex15.sys -- (NAVEX15)
DRV - [2011/03/31 04:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110508.003\naveng.sys -- (NAVENG)
DRV - [2010/10/14 05:26:38 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/10/14 05:26:36 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/10/14 05:26:34 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/08/02 17:19:28 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/08/02 17:19:26 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/08/02 17:19:24 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/08/02 17:19:22 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/05/27 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/27 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/10/09 23:15:18 | 000,033,920 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\covpndrv.sys -- (urvpndrv)
DRV - [2009/10/09 23:15:13 | 000,010,752 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/02/06 13:50:22 | 000,389,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/01/31 14:29:20 | 000,107,696 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/01/24 21:06:36 | 000,195,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/01/24 21:06:32 | 000,024,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005/12/19 21:41:58 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/12/19 21:41:56 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/02/01 18:00:42 | 000,012,416 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2004/12/06 17:55:20 | 000,126,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/06/27 02:50:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2004/05/13 18:38:52 | 000,672,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/11/12 08:33:26 | 002,479,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w70n51.sys -- (w70n51) Intel®
DRV - [2003/10/03 10:33:42 | 000,199,328 | ---- | M] (Symantec Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\ghpcw2k.sys -- (GhPostConfig_Auto)
DRV - [2003/10/03 10:33:42 | 000,199,328 | ---- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\ghpcw2k.sys -- (GhPostConfig)
DRV - [2003/10/03 10:33:30 | 000,006,784 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\ghmon.sys -- (GhMon)
DRV - [2003/07/07 05:15:12 | 000,325,440 | ---- | M] (Philips Electronics North America, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2003/06/27 08:53:44 | 001,196,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/11/18 18:20:44 | 000,030,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gv3.sys -- (gv3)
DRV - [2002/08/29 01:59:26 | 000,154,624 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
DRV - [2002/07/19 14:24:42 | 001,099,264 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yacxg.sys -- (WDM_YAMAHAAC97)
DRV - [2001/10/19 15:23:36 | 000,093,184 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3ssavm.sys -- (S3SSavage)
DRV - [2001/09/13 20:53:02 | 000,005,936 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\TVALG.SYS -- (TVALG)
DRV - [2001/08/24 02:02:04 | 000,022,928 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tsdhd.sys -- (tsdhd)
DRV - [2001/08/23 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/23 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 15:23:58 | 000,005,264 | ---- | M] (Toshiba Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\TVALD.SYS -- (TVALD)
DRV - [2001/08/17 13:50:34 | 000,075,392 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3savmxm.sys -- (S3SavageMX)
DRV - [2001/08/17 13:20:18 | 000,334,208 | ---- | M] (Yamaha Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ds1wdm.sys -- (ds1) Yamaha DS1 Audio Driver (WDM)
DRV - [2001/08/17 13:10:58 | 000,069,692 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el575ND5.sys -- (el575nd5)
DRV - [2001/08/17 13:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001/08/17 13:10:26 | 000,028,232 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tos4mo.sys -- (OBOE)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.1.*;127.0.0.*

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\Firefox [2011/02/13 16:03:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/17 06:02:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/13 11:35:42 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/04/14 22:21:18 | 000,244,154 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 acestats.com
O1 - Hosts: 127.0.0.1 www.acestats.com
O1 - Hosts: 127.0.0.1 www.activesearch.com #[Adware.ActiveSearch]
O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames][Spyware.ActualNames]
O1 - Hosts: 127.0.0.1 www.actualnames.com
O1 - Hosts: 127.0.0.1 ad-up.com
O1 - Hosts: 127.0.0.1 www.ad-up.com
O1 - Hosts: 127.0.0.1 adatom.com
O1 - Hosts: 127.0.0.1 aesp.adatom.com
O1 - Hosts: 127.0.0.1 adbest.com #[IE-SpyAd]
O1 - Hosts: 127.0.0.1 www.adcipta.net #[W32/Malware]
O1 - Hosts: 127.0.0.1 adserv.adbonus.com #[IE-SpyAd]
O1 - Hosts: 127.0.0.1 www.adbonus.com
O1 - Hosts: 127.0.0.1 media.adcentriconline.com #[IE-SpyAd]
O1 - Hosts: 127.0.0.1 ad2.adcept.net
O1 - Hosts: 127.0.0.1 ad3.adcept.net
O1 - Hosts: 127.0.0.1 www.adcept.net #[IE-SpyAd]
O1 - Hosts: 127.0.0.1 adcomplete.com #[IE-SpyAd]
O1 - Hosts: 127.0.0.1 www.adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcopy.info
O1 - Hosts: 127.0.0.1 ads.adcorps.com
O1 - Hosts: 127.0.0.1 ads.addynamix.com #[IE-SpyAd]
O1 - Hosts: 127.0.0.1 pt.server1.adexit.com
O1 - Hosts: 127.0.0.1 www.adexit.com #[IE-SpyAd]
O1 - Hosts: 6737 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_14\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BYRUA_AGENT] C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\BYR_Client\VZWUAAgent.exe (LG Electronics)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CleanUpTemp] c:\windows\cleanup.exe (Optimum X)
O4 - HKLM..\Run: [CleanUpUserTemp] c:\windows\cleanup.exe (Optimum X)
O4 - HKLM..\Run: [CleanUpWindows] c:\windows\cleanup.exe (Optimum X)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Easy Dock] File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [FtpServer.exe] C:\Program Files\Sharp\Sharpdesk\FtpServer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Indexer] C:\Program Files\Sharp\Sharpdesk\Indexer.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [IndexTray] C:\Program Files\Sharp\Sharpdesk\IndexTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] File not found
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [pdfFactory Dispatcher v1] C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis1.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [SharpTray] C:\Program Files\Sharp\Sharpdesk\SharpTray.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TypeRegChecker] C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe (SHARP CORPORATION)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinVNC] C:\Program Files\UltraVNC\WinVNC.exe (UltraVNC)
O4 - HKCU..\Run: [LtuBJrJRDEvvaD] File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\printnow.exe (Ziff-Davis, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clientelligent.com ([www] http in My Computer)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: employeeedge.com ([www] http in My Computer)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: gabrobinsna.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} http://launch.soe.co...ebInstaller.cab (SOE Web Installer)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {036F8A56-0BC8-4607-8F98-D3231E6FF5ED} http://asp4.centra.c...raUpdaterAx.cab (CentraUpdaterAxCtl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....467&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} http://uspsy13m/iNotes.cab (iNotes Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://gabrobins1.c...,2010,1215,1100 (F5 Networks VPN Manager)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} http://uspsy16m/iNotes6W.cab (iNotes6 Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc2.cab (Office Update Installation Engine)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} https://gabrobins1.c...,2010,1215,1053 (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://gabrobins1.c...,2009,1010,0312 (F5 Networks Auto Update)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab (F5 Networks Policy Agent Host Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120616437209 (WUWebControl Class)
O16 - DPF: {68132570-CED6-11D5-91AE-000039F5040E} http://www.employeee...m/NAVUPDPRJ.CAB (NAVUPDPRJ.NAVUPDCTL)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} file://C:/Program Files/F5 VPN/F5_TMP/urTermProxy.cab (F5 Networks Static Application Tunnel Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {708BFDA5-5B56-435B-8227-726021E197E9} http://us.beanfun.co...viceAdapter.ocx (BFServiceAdapterX Control)
O16 - DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab (F5 Virtual Sandbox Class)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7930.5194675926 (Reg Error: Key error.)
O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} http://asp4.centra.c...aDownloader.cab (CentraDownloaderCtl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://gabrobins1.c...1,2009,1010,308 (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://gab.webex.co...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://gabrobins1.c...nal/urxhost.cab (F5 Networks Host Control)
O16 - DPF: {E66D35B8-E70D-42A6-B1F5-DB784CB92B15} file://C:/Program Files/F5 VPN/F5_TMP/urvncx.cab (URVNCX Class)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} https://ea9.eautocla...ted/XUpload.ocx (Persits Software XUpload)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = GABNA-AD.local
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\harrisap\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\harrisap\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/10 19:23:18 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7a8ff4c0-620d-11e0-a231-463500000031}\Shell\AutoRun\command - "" = D:\SETUP.EXE /adminfile Updates\CLNA.msp
O33 - MountPoints2\{7a8ff4c0-620d-11e0-a231-463500000031}\Shell\install\command - "" = D:\SETUP.EXE /adminfile Updates\CLNA.msp
O33 - MountPoints2\{99795f11-e91b-11de-a1e1-001485a95621}\Shell - "" = AutoRun
O33 - MountPoints2\{99795f11-e91b-11de-a1e1-001485a95621}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{99795f11-e91b-11de-a1e1-001485a95621}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{a1853795-3dc5-11de-a1b9-001485a95621}\Shell - "" = AutoRun
O33 - MountPoints2\{a1853795-3dc5-11de-a1b9-001485a95621}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a1853795-3dc5-11de-a1b9-001485a95621}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{c72bef64-347b-11e0-a21e-463500000031}\Shell - "" = AutoRun
O33 - MountPoints2\{c72bef64-347b-11e0-a21e-463500000031}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c72bef64-347b-11e0-a21e-463500000031}\Shell\AutoRun\command - "" = D:\TL_Bootstrap.exe
O33 - MountPoints2\{e16bbc76-9695-11de-a1dc-001485a95621}\Shell - "" = AutoRun
O33 - MountPoints2\{e16bbc76-9695-11de-a1dc-001485a95621}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e16bbc76-9695-11de-a1dc-001485a95621}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/01 19:26:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2011/04/27 22:08:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\harrisap\Recent
[2011/04/14 21:27:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harrisap\Desktop\New Folder
[2011/04/13 22:27:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harrisap\My Documents\Xactimate25.5 Office Templates
[2011/04/13 22:24:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harrisap\My Documents\Xactimate27.0 Office Templates
[2011/04/13 14:55:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\harrisap\Local Settings\Application Data\Hewlett-Packard Co
[2002/08/09 14:58:36 | 000,133,120 | ---- | C] ( ) -- C:\WINDOWS\System32\zipdll.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/08 15:22:05 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2011/05/03 15:04:05 | 000,000,497 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2011/05/03 15:02:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/03 14:14:54 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.pif
[2011/05/03 06:01:14 | 000,017,552 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\q7ntce130ok4
[2011/05/03 05:46:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/27 22:08:49 | 000,000,184 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19914548
[2011/04/27 22:08:49 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~19914548r
[2011/04/27 18:28:08 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\19914548
[2011/04/14 21:18:17 | 000,002,219 | -H-- | M] () -- C:\Documents and Settings\harrisap\Desktop\F5 Networks VPN Client (2).lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/01 19:26:41 | 000,017,552 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\q7ntce130ok4
[2011/04/27 18:28:16 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19914548r
[2011/04/27 18:28:15 | 000,000,184 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~19914548
[2011/04/27 18:28:08 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\19914548
[2011/03/22 12:16:39 | 000,000,517 | ---- | C] () -- C:\WINDOWS\oqiferab.dll
[2011/03/22 10:14:39 | 000,000,517 | ---- | C] () -- C:\WINDOWS\omiwecig.dll
[2011/03/22 08:12:40 | 000,000,517 | ---- | C] () -- C:\WINDOWS\abusifefela.dll
[2011/03/22 06:10:39 | 000,000,517 | ---- | C] () -- C:\WINDOWS\afahafil.dll
[2011/03/22 04:08:42 | 000,000,517 | ---- | C] () -- C:\WINDOWS\udukelodasodef.dll
[2011/03/22 02:06:39 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ejotalajo.dll
[2011/03/22 00:04:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\inogoforeqonofa.dll
[2011/03/21 22:02:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\osejulatiwoji.dll
[2011/03/21 20:00:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\oyofijoc.dll
[2011/03/21 17:58:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ahowibiqorefube.dll
[2011/03/21 15:56:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\agezaxeq.dll
[2011/03/21 13:54:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\eforeriyonidop.dll
[2011/03/21 11:52:38 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ivevomasiv.dll
[2011/03/21 09:50:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ihaxixoyenevud.dll
[2011/03/21 07:48:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\owotifefeqacol.dll
[2011/03/21 05:46:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ikonuveruqapiwes.dll
[2011/03/21 03:44:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\izeburim.dll
[2011/03/21 01:42:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iyisumidinigo.dll
[2011/03/20 23:40:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\epetezivanomozo.dll
[2011/03/20 21:38:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uhavevukoviker.dll
[2011/03/20 19:36:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\urufibuj.dll
[2011/03/20 17:34:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\abeviyak.dll
[2011/03/20 15:32:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uzeceyiq.dll
[2011/03/20 13:30:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\egaqitihumenesan.dll
[2011/03/20 11:28:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ifajuyiboxavow.dll
[2011/03/20 09:26:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ubibeyeyo.dll
[2011/03/20 07:24:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\irabiheb.dll
[2011/03/20 05:22:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uqihinal.dll
[2011/03/20 03:20:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\enesejefiqasu.dll
[2011/03/20 01:18:36 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ubiwesif.dll
[2011/03/19 23:16:35 | 000,000,517 | ---- | C] () -- C:\WINDOWS\evagujeka.dll
[2011/03/19 21:14:35 | 000,000,517 | ---- | C] () -- C:\WINDOWS\upakunodijipatax.dll
[2011/03/19 19:12:35 | 000,000,517 | ---- | C] () -- C:\WINDOWS\amikodurexu.dll
[2011/03/19 17:10:35 | 000,000,517 | ---- | C] () -- C:\WINDOWS\izetided.dll
[2011/03/19 15:08:35 | 000,000,517 | ---- | C] () -- C:\WINDOWS\onaqurejadan.dll
[2011/03/19 13:06:35 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uqujedecod.dll
[2011/03/19 11:04:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\atarediqatari.dll
[2011/03/19 09:02:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\efesuram.dll
[2011/03/19 07:00:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\aqasazuy.dll
[2011/03/19 04:58:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\orajazet.dll
[2011/03/19 02:56:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\odamufavele.dll
[2011/03/19 00:54:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\owozuzesesuzu.dll
[2011/03/18 22:52:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ukacezaf.dll
[2011/03/18 20:50:34 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ebacitaludejemi.dll
[2011/03/18 18:48:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uneqesodamape.dll
[2011/03/18 16:46:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\omegayuxoxot.dll
[2011/03/18 14:44:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\umotukixuyoyulid.dll
[2011/03/18 12:42:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\oyofuxujabo.dll
[2011/03/18 10:40:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\esazovec.dll
[2011/03/18 08:38:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ijuzazohecewewec.dll
[2011/03/18 06:36:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\odebemob.dll
[2011/03/18 04:34:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ajadefayoqevi.dll
[2011/03/18 02:32:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\akejozug.dll
[2011/03/18 00:30:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ojenedev.dll
[2011/03/17 22:28:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\elehofusocacezaf.dll
[2011/03/17 20:26:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ahapoyowuka.dll
[2011/03/17 18:24:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iyalusas.dll
[2011/03/17 16:22:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\orimiboludosayer.dll
[2011/03/17 14:20:32 | 000,000,517 | ---- | C] () -- C:\WINDOWS\odogesavad.dll
[2011/03/17 12:18:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iticusura.dll
[2011/03/17 10:16:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iwalozik.dll
[2011/03/17 08:14:49 | 000,000,517 | ---- | C] () -- C:\WINDOWS\obifolininoz.dll
[2011/03/17 06:12:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\imaqojoqo.dll
[2011/03/17 04:10:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iluxuqotoli.dll
[2011/03/17 02:08:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\awapinube.dll
[2011/03/17 00:06:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\oruyajas.dll
[2011/03/16 22:04:31 | 000,000,517 | ---- | C] () -- C:\WINDOWS\obisulebodu.dll
[2011/03/16 20:02:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\emiliporer.dll
[2011/03/16 18:00:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ihaxikufikavupil.dll
[2011/03/16 15:58:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ivozodowur.dll
[2011/03/16 13:56:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\acowixorigegopep.dll
[2011/03/16 11:54:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\anemiteduzubo.dll
[2011/03/16 09:52:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uyudizir.dll
[2011/03/16 07:50:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ufelifetahef.dll
[2011/03/16 05:48:33 | 000,000,517 | ---- | C] () -- C:\WINDOWS\otifezipahalaf.dll
[2011/03/16 03:46:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\isipazucowopo.dll
[2011/03/16 01:44:29 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ekapiwam.dll
[2011/03/15 23:42:29 | 000,000,517 | ---- | C] () -- C:\WINDOWS\izirayeheridub.dll
[2011/03/15 21:40:30 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ikimimesu.dll
[2011/03/15 19:38:29 | 000,000,517 | ---- | C] () -- C:\WINDOWS\azunagog.dll
[2011/03/15 17:36:29 | 000,000,517 | ---- | C] () -- C:\WINDOWS\atezoyiziy.dll
[2011/03/15 15:34:29 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ozawutilesol.dll
[2011/03/15 13:32:29 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ujarecewekifeni.dll
[2011/03/15 07:22:28 | 000,000,517 | ---- | C] () -- C:\WINDOWS\apizibecerisuba.dll
[2011/03/15 05:20:28 | 000,000,517 | ---- | C] () -- C:\WINDOWS\efiwuyana.dll
[2011/03/15 03:18:28 | 000,000,517 | ---- | C] () -- C:\WINDOWS\odiquyepiyijiwan.dll
[2011/03/15 01:16:28 | 000,000,517 | ---- | C] () -- C:\WINDOWS\alanumatoyaqog.dll
[2011/03/14 23:14:28 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uhojunaz.dll
[2011/03/14 21:12:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ibibojebuqagetey.dll
[2011/03/14 19:10:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\enosapam.dll
[2011/03/14 17:08:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ayacijezoweqohar.dll
[2011/03/14 15:06:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\osefijorece.dll
[2011/03/14 13:04:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ufuzuhifu.dll
[2011/03/14 11:02:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ehovipej.dll
[2011/03/14 09:00:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ujukukakadikuji.dll
[2011/03/14 06:58:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iladodex.dll
[2011/03/14 04:56:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uxitepinukon.dll
[2011/03/14 02:54:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ufenokec.dll
[2011/03/14 00:52:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\icajozapo.dll
[2011/03/13 22:50:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\atiwazuc.dll
[2011/03/13 20:48:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\eseyemuy.dll
[2011/03/13 18:46:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iyabucuyaj.dll
[2011/03/13 16:44:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\umulocem.dll
[2011/03/13 14:42:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\avulehiz.dll
[2011/03/13 12:40:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ohusuxom.dll
[2011/03/13 11:27:56 | 000,174,281 | ---- | C] () -- C:\WINDOWS\hpoins43.dat.temp
[2011/03/13 11:27:56 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl43.dat.temp
[2011/03/13 10:38:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iganajaz.dll
[2011/03/13 08:36:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\atepodovuje.dll
[2011/03/13 06:34:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\omeyeluk.dll
[2011/03/13 04:32:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ocomixefenoy.dll
[2011/03/13 02:30:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uvinovek.dll
[2011/03/13 00:28:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\odixozoquq.dll
[2011/03/12 22:26:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ewazuwipiqow.dll
[2011/03/12 20:24:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\unorulatoq.dll
[2011/03/12 18:22:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\awidazayujupi.dll
[2011/03/12 16:20:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\egixewug.dll
[2011/03/12 14:18:27 | 000,000,517 | ---- | C] () -- C:\WINDOWS\owupiliy.dll
[2011/03/12 12:16:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\upujosifa.dll
[2011/03/12 10:14:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\axobomurediqata.dll
[2011/03/12 08:12:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\usecugofudoca.dll
[2011/03/12 06:10:23 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ilemogav.dll
[2011/03/12 04:08:23 | 000,000,517 | ---- | C] () -- C:\WINDOWS\ibagamep.dll
[2011/03/12 02:06:23 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uvokimakigeji.dll
[2011/03/12 00:04:23 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uhekoyupunepubik.dll
[2011/03/11 22:02:24 | 000,000,517 | ---- | C] () -- C:\WINDOWS\usoripecil.dll
[2011/03/11 20:00:23 | 000,000,517 | ---- | C] () -- C:\WINDOWS\izalanunevif.dll
[2011/03/11 18:41:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\uwayidadotib.dll
[2011/03/11 16:39:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\akojadux.dll
[2011/03/11 14:37:26 | 000,000,517 | ---- | C] () -- C:\WINDOWS\iwefikah.dll
[2011/03/11 12:35:25 | 000,000,517 | ---- | C] () -- C:\WINDOWS\elulosupu.dll
[2011/02/23 16:01:53 | 000,018,454 | -HS- | C] () -- C:\Documents and Settings\harrisap\Local Settings\Application Data\871386874
[2011/02/23 16:01:53 | 000,018,454 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\871386874
[2011/02/13 15:51:22 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2011/01/10 17:14:29 | 000,000,113 | ---- | C] () -- C:\WINDOWS\Ppviewer.INI
[2010/09/21 16:19:23 | 000,208,059 | ---- | C] () -- C:\WINDOWS\hpoins43.dat
[2010/09/21 16:19:23 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl43.dat
[2009/06/04 07:03:05 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2009/06/03 21:43:09 | 000,002,752 | ---- | C] () -- C:\WINDOWS\System32\hname.sys
[2009/04/22 14:02:28 | 000,117,158 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/04/22 13:59:16 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2009/04/21 16:23:43 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\harrisap\Application Data\dm.ini
[2009/04/21 16:23:39 | 000,006,144 | -H-- | C] () -- C:\Documents and Settings\harrisap\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/16 10:10:31 | 000,102,006 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2008/10/16 10:10:31 | 000,017,218 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2008/10/16 09:52:12 | 000,102,006 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2008/10/16 09:52:12 | 000,017,218 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2008/09/30 11:56:20 | 000,102,859 | ---- | C] () -- C:\WINDOWS\HPFins09.dat
[2008/09/30 11:56:20 | 000,003,732 | ---- | C] () -- C:\WINDOWS\hpfmdl09.dat
[2007/10/31 16:12:05 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2007/01/05 11:08:06 | 000,000,026 | ---- | C] () -- C:\WINDOWS\PROFWS32.INI
[2006/12/12 15:33:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\wnUninstall.exe
[2006/11/28 16:18:32 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/05/31 14:14:02 | 000,000,093 | ---- | C] () -- C:\WINDOWS\notesnsd.ini
[2005/03/22 13:17:51 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/03/22 13:17:51 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/03/22 13:17:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/03/22 13:17:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/03/22 13:17:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/03/22 13:17:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/03/14 15:29:32 | 000,000,037 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2005/03/14 15:25:44 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMBTCTL.INI
[2005/03/14 15:25:32 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\NWLOCALE.DLL
[2005/03/14 15:25:32 | 000,034,122 | ---- | C] () -- C:\WINDOWS\System32\EHBLIC.DLL
[2005/03/14 15:25:31 | 000,079,072 | ---- | C] () -- C:\WINDOWS\System32\CMBTDWG.DLL
[2005/03/14 15:25:31 | 000,000,866 | ---- | C] () -- C:\WINDOWS\CMBTLL.INI
[2005/03/14 15:25:31 | 000,000,077 | ---- | C] () -- C:\WINDOWS\VCBTRV.INI
[2005/03/14 15:24:41 | 000,000,120 | ---- | C] () -- C:\WINDOWS\DDSSetup.ini
[2005/02/01 18:00:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2005/02/01 18:00:44 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/12/02 13:24:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2004/10/13 09:34:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/09/16 08:42:40 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/08/02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/05/13 18:36:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/05/13 18:36:34 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/04/13 23:46:02 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2004/04/13 23:46:01 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2004/03/26 23:19:09 | 000,002,599 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/03/23 16:16:40 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll
[2004/03/23 16:15:27 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/03/23 16:15:19 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\tp4unins.exe
[2004/03/23 16:15:18 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
[2004/03/23 16:15:18 | 000,005,053 | ---- | C] () -- C:\WINDOWS\System32\tp4table.dat
[2004/03/23 11:41:25 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/03/19 16:13:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/01/08 14:46:20 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\000StTHK.exe
[2003/11/24 13:32:53 | 000,000,029 | ---- | C] () -- C:\WINDOWS\vdialer.INI
[2003/11/24 13:17:51 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/11/10 17:38:25 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WDTCPCON.INI
[2003/11/10 17:33:47 | 000,002,075 | ---- | C] () -- C:\WINDOWS\winhelp.ini
[2003/11/10 17:32:07 | 000,003,635 | ---- | C] () -- C:\WINDOWS\~WDINS.INI
[2003/11/10 15:55:12 | 000,006,698 | ---- | C] () -- C:\WINDOWS\RDSWIN.INI
[2003/11/10 09:51:46 | 000,000,497 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/11/06 11:31:03 | 000,000,660 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/11/06 08:57:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/11/05 16:22:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/11/05 16:14:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/11/05 13:46:59 | 000,004,327 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/11/05 13:45:54 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/07/07 05:18:34 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\LeeRadon.dll
[2003/07/07 05:16:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\LeeArgon.dll
[2003/07/03 02:25:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ibmpmsvc.exe
[2003/07/03 02:25:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\tpinspm.dll
[2003/05/07 18:16:14 | 001,673,216 | ---- | C] () -- C:\Program Files\fppnt157.exe
[2003/04/10 16:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2002/08/09 11:18:36 | 000,122,368 | ---- | C] () -- C:\WINDOWS\System32\unzdll.dll
[2001/08/23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 13:00:00 | 000,483,690 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 13:00:00 | 000,086,254 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/07/30 09:24:34 | 000,000,218 | ---- | C] () -- C:\WINDOWS\oraodbc.ini

========== LOP Check ==========

[2010/08/25 13:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/08/25 14:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2011/03/23 14:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eLhHlPnDmJj09001
[2011/03/22 15:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hKoLnJpMlPn09001
[2005/09/15 16:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2010/08/27 15:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kds_kodak
[2011/02/13 15:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2011/03/28 00:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\lMhLgEgDeDa06504
[2010/08/10 19:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2011/03/06 17:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\oPiIdNn09000
[2011/02/13 16:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/08/10 19:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/09/30 14:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharp
[2008/09/30 14:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharpdesk
[2009/09/19 15:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/02/13 16:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2004/04/21 12:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/04/14 22:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xactware
[2011/04/08 14:40:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8B607CB0-AD48-44DD-B1F0-B23056B0CEF9}
[2009/07/29 09:21:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\F5 Networks
[2005/03/22 16:51:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\IBM
[2010/10/29 13:25:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\ICAClient
[2011/04/13 14:54:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\Image Zone Express
[2005/04/01 16:33:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\InterVideo
[2004/04/21 15:04:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\Leadertech
[2009/04/23 07:23:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\Sharpdesk
[2011/02/08 18:44:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\Sony Online Entertainment
[2011/04/08 14:25:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\harrisap\Application Data\TeamViewer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E00596C

< End of report >











Now the Extras file...

OTL Extras logfile created on: 5/9/2011 8:34:01 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 36.36 Gb Free Space | 48.78% Space Free | Partition Type: NTFS
Drive D: | 3.65 Gb Total Space | 3.65 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Computer Name: 7-02650 | User Name: harrisap | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\WinHelp.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
hlpfile [open] -- C:\WINDOWS\WinHelp.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
"Enabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"%programfiles%\NUCOLP\LPLocal.exe:*:enabled:FC&S-Program" = %programfiles%\NUCOLP\LPLocal.exe:*:enabled:FC&S-Program
"%programfiles%\TightVNC\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:enabled:TightVNC" = %programfiles%\TightVNC\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:enabled:TightVNC
"%programfiles%\UltraVnc\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc" = %programfiles%\UltraVnc\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc -- (UltraVNC)

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
"Enabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"135:TCP:*:Enabled: Offer Remote Assistance" = 135:TCP:*:Enabled: Offer Remote Assistance
"2568:TCP:*:Enabled:SMS-CliHealth" = 2568:TCP:*:Enabled:SMS-CliHealth
"2967:TCP:199.231.8.0/24:Enabled:NAV10.1" = 2967:TCP:199.231.8.0/24:Enabled:NAV10.1
"2967:TCP:199.231.8.160/24:Enabled:NAVDR" = 2967:TCP:199.231.8.160/24:Enabled:NAVDR
"2967:UDP:199.231.8.0/24:Enabled:NAV9.1" = 2967:UDP:199.231.8.0/24:Enabled:NAV9.1
"38293:UDP:199.231.8.0/24:Enabled:NAV9.2" = 38293:UDP:199.231.8.0/24:Enabled:NAV9.2
"5900:TCP:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc-Port" = 5900:TCP:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc-Port
"62515:UDP:*:Enabled:Providence-VPN" = 62515:UDP:*:Enabled:Providence-VPN

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging]
"LogDroppedPackets" = 1
"LogSuccessfulConnections" = 1
"LogFilePath" = c:\xpfiles\firewall.txt -- ()
"LogFileSize" = 4096

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = localsubnet,199.231.8.0/24,192.168.151.0/24

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = localsubnet,192.168.151.0/24,199.231.8.0/24,192.168.24.0/24

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = localsubnet,199.231.8.0/24,192.168.151.0/24,192.168.24.0/24

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
"Enabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\List]
"%programfiles%\NUCOLP\LPLocal.exe:"*":enabled:FC&S-Program" = %programfiles%\NUCOLP\LPLocal.exe:"*":enabled:FC&S-Program
"%programfiles%\TightVNC\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:enabled:TightVNC" = %programfiles%\TightVNC\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:enabled:TightVNC
"%programfiles%\UltraVnc\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc" = %programfiles%\UltraVnc\winvnc.exe:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc -- (UltraVNC)

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
"Enabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\List]
"135:TCP:*:enabled:Offer Remote Assistance" = 135:TCP:*:enabled:Offer Remote Assistance
"2568:TCP:*:Enabled:SMS-CliHealth" = 2568:TCP:*:Enabled:SMS-CliHealth
"2967:TCP:199.231.160.0/24:Enabled:NAVDR" = 2967:TCP:199.231.160.0/24:Enabled:NAVDR
"2967:TCP:199.231.8.0/24:Enabled:NAV10.1" = 2967:TCP:199.231.8.0/24:Enabled:NAV10.1
"2967:UDP:199.231.8.0/24:Enabled:NAV9.1" = 2967:UDP:199.231.8.0/24:Enabled:NAV9.1
"38293:UDP:199.231.8.0/24:Enabled:NAV9.2" = 38293:UDP:199.231.8.0/24:Enabled:NAV9.2
"5900:TCP:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc-Port" = 5900:TCP:LocalSubNet,192.168.24.0/24,199.231.8.0/24,192.168.151.0/24:Enabled:UltraVnc-Port
"62515:UDP:*:Enabled:Providence-VPN" = 62515:UDP:*:Enabled:Providence-VPN

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Logging]
"LogDroppedPackets" = 1
"LogSuccessfulConnections" = 1
"LogFilePath" = c:\xpfiles\firewall.txt -- ()
"LogFileSize" = 4096

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = localsubnet,192.168.151.0/24,192.168.24.0/24,199.231.8.0/24

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = localsubnet,192.168.151.0/24,199.231.8.0/24,192.168.24.0/24

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = localsubnet,192.168.151.0/24,192.168.24.0/24,199.231.8.0/24

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"2967:TCP" = 2967:TCP:199.231.8.0/255.255.255.0:Enabled:NAV10.1
"5900:TCP" = 5900:TCP:LocalSubNet,192.168.24.0/255.255.255.0,199.231.8.0/255.255.255.0,192.168.151.0/255.255.255.0:Enabled:UltraVnc-Port
"2967:UDP" = 2967:UDP:199.231.8.0/255.255.255.0:Enabled:NAV9.1
"38293:UDP" = 38293:UDP:199.231.8.0/255.255.255.0:Enabled:NAV9.2
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:LocalSubnet,192.168.24.0/255.255.255.0,192.168.151.0/255.255.255.0,199.231.8.0/255.255.255.0:Enabled:@xpsp2res.dll,-22009
"2568:TCP" = 2568:TCP:*:Enabled:SMS-CliHealth

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2967:TCP" = 2967:TCP:199.231.8.0/255.255.255.0:Enabled:NAV10.1
"5900:TCP" = 5900:TCP:*:Enabled:VNC
"2967:UDP" = 2967:UDP:199.231.8.0/255.255.255.0:Enabled:NAV9.1
"38293:UDP" = 38293:UDP:199.231.8.0/255.255.255.0:Enabled:NAV9.2
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:LocalSubnet,192.168.24.0/255.255.255.0,192.168.151.0/255.255.255.0,199.231.8.0/255.255.255.0:Enabled:@xpsp2res.dll,-22009
"2568:TCP" = 2568:TCP:*:Enabled:SMS-CliHealth
"5800:TCP" = 5800:TCP:*:Enabled:VNC Java
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%programfiles%\UltaVnc\winvnc.exe" = %programfiles%\UltaVnc\winvnc.exe:LocalSubNet,192.168.24.0/255.255.255.0,199.231.8.0/255.255.255.0,192.168.151.0/255.255.255.0:enabled:UltraVnc
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe
"C:\Program Files\Sharp\Sharpdesk\FTPServer.exe" = C:\Program Files\Sharp\Sharpdesk\FTPServer.exe:*:Enabled:FTPServer.exe -- (SHARP CORPORATION)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%programfiles%\UltaVnc\winvnc.exe" = %programfiles%\UltaVnc\winvnc.exe:LocalSubNet,192.168.24.0/255.255.255.0,199.231.8.0/255.255.255.0,192.168.151.0/255.255.255.0:enabled:UltraVnc
"C:\Program Files\Common Files\Eyewitness News Alert\TrueWeather.exe" = C:\Program Files\Common Files\Eyewitness News Alert\TrueWeather.exe:*:Enabled:TrueWeather
"C:\Program Files\Sharp\Sharpdesk\FTPServer.exe" = C:\Program Files\Sharp\Sharpdesk\FTPServer.exe:*:Enabled:Network Scanner Tool -- (SHARP CORPORATION)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024E6362-7D37-4D78-93F9-00C1747DA645}" = Residential Component Technology - Standalone
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0AEF384B-610F-4309-8DA3-91834FE4E80E}" = Sharpdesk
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = IBM DLA
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (XACTWARE)
"{2D371881-67FB-4EAB-B59A-F59DC43199DD}" = LG United Mobile Drivers
"{2D9F0FA0-B9EE-47D1-8A0D-8E973421D45A}" = Upgrade
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3248F0A8-6813-11D6-A77B-00B0D0150140}" = J2SE Runtime Environment 5.0 Update 14
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}" = Seagate Manager Installer
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{52D97366-9779-43AB-98A2-91600DCD9102}" = Enterprise
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578596FF-7F65-4767-9F90-37920741148C}" = MSN Toolbar Platform
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{5B5B3D92-A765-4AD5-9752-30BA2C71C314}" = Lotus Notes 6.5.1
"{5C4538D2-28BC-4C85-942B-1780477E51C7}" = GAB Wallpaper
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}" = F5 Networks VPN Client for Windows
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7ADE9F27-A175-447F-A4B4-B05FA82735E1}" = HP Deskjet 6900 series
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8885297C-03D1-49F9-9D70-FA957A8B7EBE}" = Archive Add-in
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{513D124D-E3FA-4E59-BE0A-9B9BCB81F8DF}" =
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = IBM RecordNow!
"{A011A1DC-7F1D-4EA8-BD11-0C5F9718E428}" = Symantec AntiVirus
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A8AD990E-355A-4413-8647-A9B168978423}_is1" = [email protected] Release 1.0.0 RC 18 - Win32
"{AC1314E7-D28C-40A1-B322-80D2868D35CE}" = HP PSC & Officejet 4.2 Corporate Edition
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B27901FA-F157-4049-B1EC-BC43890A1DCC}" = [email protected] File Recovery
"{B5599ECB-DA72-43EE-8A30-2C80396FF8BB}" = Access IBM
"{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}" = C4700
"{B8112D71-2A3B-47B7-9DD6-EB96B8FE6CB4}" = ACIS Professional Workstation Executables
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{BEAB52AB-833E-4F86-083E-8752BBB00015}" = Symantec Ghost Console Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CAD66E07-E773-4640-A5D4-AFC5BC83D90F}" = ACIS Professional Workstation for Windows XP
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DDA316B2-039B-474C-BD9C-585C61B9BAC7}" = Virtela Dialer
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.5
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FCDC3CDD-F53E-4239-8CA5-BC492942931B}" = SMS Advanced Client
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Access IBM Tools" = Access IBM Tools
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Archive Add-in" = Archive Add-in
"ATI Display Driver" = ATI Display Driver
"CentraClient" = Centra Client
"CentraOneClient" = CentraOne
"Citrix ICA Client" = Citrix ICA Client
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DocumentDirectV2.1" = DocumentDirect 2.1
"FinalRecovery_is1" = FinalRecovery 2.0
"FinePrint pdfFactory" = FinePrint pdfFactory
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{0AEF384B-610F-4309-8DA3-91834FE4E80E}" = Sharpdesk
"InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F}" = PC-Doctor for Windows
"InstallShield_{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}" = Seagate Manager Installer
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Meetsoft FinalRecovery_is1" = FinalRecovery 2.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"MySQL Connector/ODBC 3.51" = MySQL Connector/ODBC 3.51
"Office14.STANDARD" = Microsoft Office Standard 2010
"Power Management Driver" = IBM ThinkPad Power Management Driver
"PROSet" = Intel® PRO Network Adapters and Drivers
"RCA Detective™_is1" = RCA Detective™ 3.0.0.101
"RCA easyRip_is1" = RCA easyRip 2.4.6.0
"RCA Updater_is1" = RCA Updater 2.0.0.0
"SalvageRecovery for Windows_is1" = SalvageRecovery for Windows 1.01
"ScanSoft PaperPort Viewer 7.0" = ScanSoft PaperPort Viewer 7.0
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Shop for HP Supplies" = Shop for HP Supplies
"TrackPoint" = IBM TrackPoint Support
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"beanfun!" = web beanfun!
"SOE-Clone Wars" = Clone Wars

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/7/2011 11:02:14 PM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/8/2011 7:02:14 AM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/8/2011 3:02:13 PM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/8/2011 3:22:01 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:01 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:04 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:04 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:06 PM | Computer Name = 7-02650 | Source = NSSDK.CprXml.1 | ID = 34938914
Description = Operation timed out when pinging IP 192.168.25.205. (0x82150737)

Error - 5/8/2011 11:02:13 PM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/9/2011 7:02:13 AM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

[ Application Events ]
Error - 5/7/2011 11:02:14 PM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/8/2011 7:02:14 AM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/8/2011 3:02:13 PM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/8/2011 3:22:01 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:01 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:04 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:04 PM | Computer Name = 7-02650 | Source = NSSDK.MfpifValidator.1 | ID = 34938914
Description =

Error - 5/8/2011 3:22:06 PM | Computer Name = 7-02650 | Source = NSSDK.CprXml.1 | ID = 34938914
Description = Operation timed out when pinging IP 192.168.25.205. (0x82150737)

Error - 5/8/2011 11:02:13 PM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 5/9/2011 7:02:13 AM | Computer Name = 7-02650 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

[ System Events ]
Error - 5/7/2011 6:47:35 PM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/7/2011 10:47:35 PM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/8/2011 2:47:36 AM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/8/2011 6:47:36 AM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/8/2011 10:47:37 AM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/8/2011 2:47:37 PM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/8/2011 6:47:37 PM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/8/2011 10:47:37 PM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/9/2011 2:47:38 AM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 5/9/2011 6:47:39 AM | Computer Name = 7-02650 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain GABNA-AD due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP