Open With Virus


  • This topic is locked

#1
cmann91k


    New Member

  • Member
  • Pip
  • 3 posts
Hello,

I have a PC that's running Windows XP and every time that I try to open a program file it either says application not found or brings up the Open With file. I tried a program called fixdrive and that didn't help out. I also ran a full virus scan with Malwarebytes and all viruses have been removed. Help, please.
  • 0



#2
Nedklaw


    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hello, cmann91k! :unsure:

:) I'm Nedklaw and I'll be glad to help you with your malware issues. :yes:

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for cmann91k only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:
  • Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
  • Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
  • Be patient with me, logs can take some time to research and my life can mean that I'm busy.
  • Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
  • If I instruct you to download a specific tool which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
  • Refrain from running any other tools apart from the ones I tell you to.
Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.


First, I would like to get some logs off you to identify any malware.

Step 1

Download OTL to your Desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    • Select Scan All Users.
    • Under the Custom Scan box paste this in:
    netsvcs 
    %SYSTEMDRIVE%\*.exe 
    %USERPROFILE%\..|smtmp;true;true;true /FP 
    /md5start 
    explorer.exe 
    winlogon.exe 
    Userinit.exe 
    svchost.exe 
    /md5stop 
    %systemroot%\*. /mp /s 
    hklm\software\clients\startmenuinternet|command /rs 
    hklm\software\clients\startmenuinternet|command /64 /rs 
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Step 2

Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.



On completion of the scan click save log, save it to your desktop and post it in your next reply.


Things I want to see in your next reply

  • OTL.txt
  • Extras.txt
  • aswMBR.txt

  • 0

#3
cmann91k


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Thank you so much for getting back to me.


I downloaded the programs listed in both your first and second reply but I was unable to open them because I was prompted with "Open With".



Thanks Again
  • 0

#4
Nedklaw


    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi.
You're welcome!!! :)


Step 1

Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan).


Step 2

Please try and open OTL and aswMBR after you have run exeHelper. If they open, follow the instructions in my first post.


Things I want to see in your next reply

  • exehelperlog.txt
  • OTL.txt
  • Extras.txt
  • aswMBR.txt

  • 0
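
Added example, not part of any post in this thread and not code from OTL or exeHelper: a read-only triage of OTL log lines for the symptom discussed here. It checks the O35/O37 entries against the Windows defaults (.exe maps to exefile, .com to comfile, open command `"%1" %*`) and flags a hosts file that points several names at one non-loopback address. The function name `triage`, the threshold of 3 names and the sample log are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Defaults on a clean Windows install: .exe -> exefile, .com -> comfile,
# and both open with the command "%1" %* (run the file that was clicked).
EXPECTED_PROGID = {".exe": "exefile", ".com": "comfile"}
EXPECTED_OPEN = '"%1" %*'

# OTL line shapes as they appear in the log posted in this thread.
HOSTS_RE = re.compile(r"^O1 - Hosts: (\S+)\s+(\S+)")
O35_RE = re.compile(r"^O35 - (.+?)\.\.(\w+) \[open\] -- (.*)$")
O37_RE = re.compile(r"^O37 - (.+?)\.\.(\.\w+) \[@ = ([^\]]*)\] -- (.*)$")

# Constructed sample (documentation addresses and made-up names), not the
# poster's log: one altered open command, one altered .exe mapping, and
# three names redirected to a single address.
SAMPLE_LOG = r'''
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 203.0.113.7 reviews.example.com
O1 - Hosts: 203.0.113.7 www.reviews.example.com
O1 - Hosts: 203.0.113.7 reviews.example.net
O1 - Hosts: 192.0.2.10 intranet.example.org
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "C:\ProgramData\example.exe" "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKU\S-1-5-21-0-0-0-1000\...exe [@ = secfile] -- "%1" %*
'''


def triage(log_text, hosts_threshold=3):
    """Return (kind, detail) findings for an OTL log; never modifies anything."""
    findings = []
    names_by_ip = defaultdict(list)

    for raw in log_text.splitlines():
        line = raw.strip()

        m = HOSTS_RE.match(line)
        if m:
            ip, name = m.groups()
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                findings.append(("hosts-unparseable", line))
                continue
            # Loopback and 0.0.0.0 entries are the usual benign/blocklist forms.
            if not (addr.is_loopback or addr.is_unspecified):
                names_by_ip[ip].append(name)
            continue

        m = O35_RE.match(line)
        if m:
            hive, progid, cmd = m.groups()
            known = progid.lower() in EXPECTED_PROGID.values()
            if known and cmd.strip() != EXPECTED_OPEN:
                key = hive.rstrip("\\") + "\\" + progid
                findings.append(("open-command", f"{key}: {cmd.strip()}"))
            continue

        m = O37_RE.match(line)
        if m:
            hive, ext, progid, cmd = m.groups()
            want = EXPECTED_PROGID.get(ext.lower())
            if want and (progid.lower() != want or cmd.strip() != EXPECTED_OPEN):
                key = hive.rstrip("\\") + "\\" + ext
                findings.append(
                    ("extension-mapping", f"{key} -> {progid}: {cmd.strip()}")
                )

    # Heuristic: many names on one non-loopback address suggests redirection;
    # a single entry is more likely a deliberate local override.
    for ip, names in names_by_ip.items():
        if len(names) >= hosts_threshold:
            findings.append(("hosts-redirect", f"{ip} <- {len(names)} names"))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind:18} {detail}")
```

A finding is a prompt to look closer, not a verdict: per-user entries under HKU take precedence over HKLM, so both hives need to be clean.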

#5
cmann91k


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Hi Again,


The fix worked and allowed me to open OTL and aswMBR. Below are the things you requested.


exe Log:

exeHelper by Raktor
Build 20100414
Run at 17:38:12 on 07/24/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

exeHelper by Raktor
Build 20100414
Run at 17:52:46 on 07/24/11
Now searching...
Checking for numerical processes...



OTL Logs:

OTL logfile created on: 7/24/2011 5:40:54 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.48 Mb Total Physical Memory | 439.87 Mb Available Physical Memory | 43.02% Memory free
2.40 Gb Paging File | 1.94 Gb Available in Paging File | 80.89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 270.66 Gb Total Space | 237.44 Gb Free Space | 87.73% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 0.42 Gb Free Space | 4.82% Space Free | Partition Type: FAT32
Drive F: | 702.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: LRM | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/23 10:27:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
PRC - [2010/11/10 03:57:28 | 000,715,440 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2009/09/24 16:44:26 | 001,020,248 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/09/04 14:16:54 | 000,058,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ZuneBusEnum.exe
PRC - [2008/11/19 10:47:24 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2005/08/03 02:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe


========== Modules (SafeList) ==========

MOD - [2011/07/23 10:27:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/11/10 03:57:28 | 000,715,440 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2009/09/24 17:16:40 | 000,345,352 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2009/09/24 17:16:38 | 000,689,416 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2009/09/04 14:17:00 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2009/09/04 14:16:54 | 005,893,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/09/04 14:16:54 | 000,058,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2008/11/19 10:47:24 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2006/07/25 18:03:42 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/07/25 18:03:42 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2005/08/03 02:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2005/03/14 22:05:02 | 000,069,632 | ---- | M] (HP) [Boot | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/07/30 13:29:10 | 000,249,424 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2010/07/30 13:29:00 | 000,036,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2010/07/30 13:06:08 | 001,331,512 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vsapint.sys -- (vsapint)
DRV - [2010/07/19 14:03:10 | 000,059,472 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/07/19 14:03:00 | 000,051,792 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/19 14:02:54 | 000,163,408 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/09/24 17:54:10 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/01/05 21:32:55 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/09/03 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008/09/03 04:00:00 | 000,099,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/05/09 12:28:52 | 000,018,560 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vtcdrv.sys -- (vtcdrv)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/04/20 17:35:16 | 000,082,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxfalcon.sys -- (CXFALCON)
DRV - [2006/03/08 16:27:12 | 004,246,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/03/03 17:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 17:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/12 20:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 14:20:50 | 000,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 14:20:40 | 000,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/06/29 20:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 17:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 10:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...LION&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...LION&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...LION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...LION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...LION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...LION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...LION&pf=desktop
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...LION&pf=desktop
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\HP_Administrator\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\HP_Administrator\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/08/31 17:10:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2009/08/31 17:10:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\HP_Administrator\Application Data\Move Networks [2009/09/25 17:10:07 | 000,000,000 | ---D | M]

[2009/05/16 18:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2009/05/16 18:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2009/02/28 20:10:58 | 000,001,551 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 217.20.175.74 www.review.2009softwarereviews.com
O1 - Hosts: 217.20.175.74 review.2009softwarereviews.com
O1 - Hosts: 217.20.175.74 a1.review.zdnet.com
O1 - Hosts: 217.20.175.74 www.d1.reviews.cnet.com
O1 - Hosts: 217.20.175.74 www.reviews.toptenreviews.com
O1 - Hosts: 217.20.175.74 reviews.toptenreviews.com
O1 - Hosts: 217.20.175.74 www.reviews.download.com
O1 - Hosts: 217.20.175.74 reviews.download.com
O1 - Hosts: 217.20.175.74 www.reviews.pcadvisor.c.uk
O1 - Hosts: 217.20.175.74 reviews.pcadvisor.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.pcmag.com
O1 - Hosts: 217.20.175.74 reviews.pcmag.com
O1 - Hosts: 217.20.175.74 www.reviews.pcpro.co.uk
O1 - Hosts: 217.20.175.74 reviews.pcpro.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.reevoo.com
O1 - Hosts: 217.20.175.74 reviews.reevoo.com
O1 - Hosts: 217.20.175.74 www.reviews.riverstreams.co.uk
O1 - Hosts: 217.20.175.74 reviews.riverstreams.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.techradar.com
O1 - Hosts: 217.20.175.74 reviews.techradar.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (TODO: <Company name>)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DISCUpdMgr.exe (Digital Interactive Systems Corporation, Inc.)
O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008..\Run: [cIUBNKMktstKy] C:\Documents and Settings\All Users\Application Data\cIUBNKMktstKy.exe ()
O4 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Philips SA52XX Device Manager.lnk = C:\Program Files\Philips\SA52xx Device Manager\SA52xx_DeviceManager.exe (Philips)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\FrostWire On Startup.lnk = File not found
O4 - Startup: C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.co...ploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/10 08:49:38 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{417826d4-783a-11dd-9dcd-001731c63527}\Shell\AutoRun\command - "" = L:\setupSNK.exe
O33 - MountPoints2\{fb6c15aa-9dad-11de-9e0c-001731c63527}\Shell - "" = AutoRun
O33 - MountPoints2\{fb6c15aa-9dad-11de-9e0c-001731c63527}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fb6c15aa-9dad-11de-9e0c-001731c63527}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/23 10:29:37 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.exe
[2011/07/23 10:27:38 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2011/07/20 12:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\fixdrive_v1_3
[2011/07/17 22:04:18 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/17 22:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/17 22:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/17 22:04:14 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/17 22:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/17 22:01:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/07/10 04:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AimOne
[2011/07/10 04:08:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Aimone
[2011/07/10 04:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\AimOne AVI Converter
[2011/07/10 04:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\dtband
[2011/07/10 04:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\somototoolbar
[2011/07/10 04:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\somototoolbar
[2011/07/10 03:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Clip Extractor Toolbar
[2011/07/10 03:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Clip Extractor
[2011/07/10 03:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\Clip Extractor
[2011/07/10 03:59:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auto Updater
[2011/07/10 03:59:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Auto Updater
[2011/07/10 03:59:24 | 000,000,000 | ---D | C] -- C:\Program Files\Auto Updater
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2049/12/31 16:00:00 | 000,940,271 | R--- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\scan0009.jpg
[2011/07/24 17:38:06 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\exeHelper.com
[2011/07/24 16:26:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/24 15:59:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AutoUpdaterTask.job
[2011/07/23 17:26:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/23 10:29:37 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.exe
[2011/07/23 10:27:22 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2011/07/23 10:22:19 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/23 10:22:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/23 10:22:15 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/20 12:41:43 | 000,016,254 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\fixdrive_v1_3.zip
[2011/07/20 12:32:26 | 000,468,992 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\cIUBNKMktstKy.exe
[2011/07/18 12:20:22 | 001,048,576 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\wbr2310_firmware_104.bin
[2011/07/17 22:04:18 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/16 12:24:32 | 000,000,185 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/07/16 12:22:51 | 000,016,612 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\671n8w107xhhsv
[2011/07/16 12:22:51 | 000,016,612 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\671n8w107xhhsv
[2011/07/16 12:22:14 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/07/15 19:15:08 | 000,870,128 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\mcs.rma
[2011/07/15 19:15:08 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\386906
[2011/07/10 04:41:28 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/10 04:40:01 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\afd0724f
[2011/07/10 04:40:00 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\43701f03
[2011/07/10 04:39:57 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\62ba9efe
[2011/07/10 04:39:57 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\618de968
[2011/07/10 04:39:54 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2a5117fb
[2011/07/10 04:39:54 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2940ad83
[2011/07/10 04:39:25 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2d662f19
[2011/07/10 04:39:25 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2c81382c
[2011/07/10 04:39:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\53c5017
[2011/07/10 04:39:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\39c578e
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\67d72db9
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\66b77a9e
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\65310b8c
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\641c47ee
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\62f322bf
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5cdcb508
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5ba1b8f4
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\53e60e06
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\355947c6
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\342c9a73
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\32c8d96c
[2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\31cf0a65
[2011/07/10 04:39:16 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2ca04da9
[2011/07/10 04:28:44 | 000,000,641 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2011/07/10 04:21:31 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\8e088938
[2011/07/10 04:21:29 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\201ecac2
[2011/07/10 04:21:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\9ba3e325
[2011/07/10 04:21:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\9909f238
[2011/07/10 04:21:05 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f307c6f
[2011/07/10 04:21:05 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\e307d61
[2011/07/10 04:16:16 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\ccc59285
[2011/07/10 04:16:11 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\ada9b596
[2011/07/10 04:16:04 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\a4748054
[2011/07/10 04:16:04 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\a3863604
[2011/07/10 04:15:29 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5ec6d922
[2011/07/10 04:15:29 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5db8499d
[2011/07/10 04:15:13 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\71b804d3
[2011/07/10 04:15:13 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\70625ad5
[2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\fbfb15ab
[2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\faf894c3
[2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f9baff25
[2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f8dbc85f
[2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f7950557
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f625be94
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f330a795
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\dbe9c3a7
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\c6107925
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\c5200fb4
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\c191c5b0
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\c0a249eb
[2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\b46e640e
[2011/07/10 04:08:34 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AimOne AVI Converter.lnk
[2011/07/10 03:59:35 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Clip Extractor.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/03 18:31:28 | 007,108,067 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Kelly Rowland ft. Lil Wayne - Motivation.mp3
[2011/07/01 20:02:04 | 000,071,874 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Accepted Financial Aid Packet.pdf
[2011/06/30 10:29:39 | 000,077,250 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\AR-M455N_20110624_095921.pdf
[2011/06/29 18:38:46 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/24 17:38:05 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\exeHelper.com
[2011/07/20 12:41:49 | 000,016,254 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\fixdrive_v1_3.zip
[2011/07/20 12:32:25 | 000,468,992 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\cIUBNKMktstKy.exe
[2011/07/18 12:20:18 | 001,048,576 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\wbr2310_firmware_104.bin
[2011/07/18 09:45:32 | 1072,222,208 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/17 22:04:18 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/16 10:46:44 | 000,016,612 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\671n8w107xhhsv
[2011/07/16 10:46:44 | 000,016,612 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\671n8w107xhhsv
[2011/07/10 04:40:01 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\afd0724f
[2011/07/10 04:40:00 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\43701f03
[2011/07/10 04:39:57 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\62ba9efe
[2011/07/10 04:39:57 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\618de968
[2011/07/10 04:39:54 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\2a5117fb
[2011/07/10 04:39:54 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\2940ad83
[2011/07/10 04:39:25 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\2d662f19
[2011/07/10 04:39:25 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\2c81382c
[2011/07/10 04:39:19 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\53c5017
[2011/07/10 04:39:19 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\39c578e
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\67d72db9
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\66b77a9e
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\65310b8c
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\641c47ee
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\62f322bf
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\5cdcb508
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\5ba1b8f4
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\53e60e06
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\355947c6
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\342c9a73
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\32c8d96c
[2011/07/10 04:39:17 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\31cf0a65
[2011/07/10 04:39:16 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\2ca04da9
[2011/07/10 04:28:44 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2011/07/10 04:21:31 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\8e088938
[2011/07/10 04:21:29 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\201ecac2
[2011/07/10 04:21:19 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\9ba3e325
[2011/07/10 04:21:19 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\9909f238
[2011/07/10 04:21:05 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\f307c6f
[2011/07/10 04:21:05 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\e307d61
[2011/07/10 04:16:16 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\ccc59285
[2011/07/10 04:16:11 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\ada9b596
[2011/07/10 04:16:04 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\a4748054
[2011/07/10 04:16:04 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\a3863604
[2011/07/10 04:15:29 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\5ec6d922
[2011/07/10 04:15:29 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\5db8499d
[2011/07/10 04:15:13 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\71b804d3
[2011/07/10 04:15:13 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\70625ad5
[2011/07/10 04:08:43 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\fbfb15ab
[2011/07/10 04:08:43 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\faf894c3
[2011/07/10 04:08:43 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\f9baff25
[2011/07/10 04:08:43 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\f8dbc85f
[2011/07/10 04:08:43 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\f7950557
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\f625be94
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\f330a795
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\dbe9c3a7
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\c6107925
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\c5200fb4
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\c191c5b0
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\c0a249eb
[2011/07/10 04:08:42 | 000,004,636 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\b46e640e
[2011/07/10 04:08:34 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AimOne AVI Converter.lnk
[2011/07/10 03:59:35 | 000,001,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Clip Extractor.lnk
[2011/07/10 03:59:30 | 000,000,374 | ---- | C] () -- C:\WINDOWS\tasks\AutoUpdaterTask.job
[2011/07/03 19:07:27 | 007,108,067 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Kelly Rowland ft. Lil Wayne - Motivation.mp3
[2011/07/01 20:02:04 | 000,071,874 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Accepted Financial Aid Packet.pdf
[2011/06/30 10:29:38 | 000,077,250 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\AR-M455N_20110624_095921.pdf
[2011/06/29 18:38:46 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/09/03 18:10:06 | 000,000,890 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/09/02 21:01:50 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/17 03:02:46 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/09/20 13:57:43 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\mcs.rma
[2008/09/20 13:57:43 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\386906
[2008/08/31 11:22:19 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/31 11:09:37 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2006/06/10 09:17:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/10 08:57:11 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/06/10 08:53:08 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-9972322.exe
[2006/06/10 08:52:20 | 000,014,316 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/06/10 08:52:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/06/10 08:49:54 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/06/10 08:47:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/10 08:36:50 | 000,000,328 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/10 08:36:11 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/06/10 08:36:11 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/06/10 08:31:30 | 000,080,417 | ---- | C] () -- C:\WINDOWS\HPHins08.dat
[2006/06/10 08:31:30 | 000,004,011 | ---- | C] () -- C:\WINDOWS\hphmdl08.dat
[2006/06/10 08:30:30 | 000,090,686 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2006/06/10 08:30:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2006/06/10 08:26:48 | 000,109,104 | ---- | C] () -- C:\WINDOWS\hpoins08.dat
[2006/06/10 08:26:48 | 000,007,577 | ---- | C] () -- C:\WINDOWS\hpomdl08.dat
[2006/06/10 08:24:20 | 000,112,942 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2006/06/10 08:24:20 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2006/06/10 08:22:17 | 000,095,822 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/10 08:21:22 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/06/10 08:18:05 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/10 08:18:05 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/06/10 08:18:05 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/10 08:18:05 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/06/10 08:18:05 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/10 08:18:05 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/10 08:18:04 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/06/10 08:18:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/10 08:16:52 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/10 07:56:41 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/06/10 07:56:41 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/06/10 07:56:25 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/03/17 20:23:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/31 00:17:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/31 00:07:46 | 000,445,700 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/31 00:07:46 | 000,072,780 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/31 00:05:30 | 000,333,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/31 00:01:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/30 23:58:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/06 00:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 02:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/10 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/10 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/07/26 10:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2001/08/23 11:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 11:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/07 01:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2011/07/10 03:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auto Updater
[2010/06/17 18:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2006/06/10 08:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2009/02/14 22:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/11/29 10:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/07/24 15:59:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\AutoUpdaterTask.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %USERPROFILE%\..|smtmp;true;true;true /FP >


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/10 00:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe
[2004/08/10 00:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004/08/10 00:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/10 00:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/10 00:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/10 00:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/10 00:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" HIDE [2005/11/29 04:04:16 | 000,038,923 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" REGISTER [2005/11/29 04:04:16 | 000,038,923 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.EXE" SHOW [2005/11/29 04:04:16 | 000,038,923 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\open\command\\:
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\properties\command\\: -chrome "chrome://browser/content/pref/pref.xul"

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2010/05/05 09:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" HIDE [2005/11/29 04:04:16 | 000,038,923 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" REGISTER [2005/11/29 04:04:16 | 000,038,923 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.EXE" SHOW [2005/11/29 04:04:16 | 000,038,923 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\open\command\\:
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\properties\command\\: -chrome "chrome://browser/content/pref/pref.xul"

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >



Extras Log:


OTL Extras logfile created on: 7/24/2011 5:40:54 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.48 Mb Total Physical Memory | 439.87 Mb Available Physical Memory | 43.02% Memory free
2.40 Gb Paging File | 1.94 Gb Available in Paging File | 80.89% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 270.66 Gb Total Space | 237.44 Gb Free Space | 87.73% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 0.42 Gb Free Space | 4.82% Space Free | Partition Type: FAT32
Drive F: | 702.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: LRM | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- (Digital Interactive Systems Corporation)
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"K:\SMRTNTKY\DEVICE\LimeWire\LimeWire.exe" = K:\SMRTNTKY\DEVICE\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"L:\SMRTNTKY\DEVICE\LimeWire\LimeWire.exe" = L:\SMRTNTKY\DEVICE\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"G:\Playlists\LimeWire\LimeWire.exe" = G:\Playlists\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{27428D1B-8CBA-4EEA-B9C0-A23CA7B4FCC1}" = muvee autoProducer 5.0
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{31263605-FC84-4787-B847-BA445B147E24}" = ScannerCopy
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352F5013-07DC-446D-8DB6-38F339086C60}" = LightScribe 1.4.84.1
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3CF99DC3-38FD-46E6-A6B4-9C70074E020C}" = DocumentViewer
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{4481BA2A-BD8B-4161-B51E-D5F85CF5742B}" = 2400_2500trb
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter
"{53D07738-CEC7-49F1-AD0E-FB9B47E5F85C}" = 23_24_2500Tour
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{57729BE1-DE2C-45DB-9FFA-5C1949679B3E}" = Watchtower Library 2010 - English
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5D61626A-BD55-4e42-82EE-4AE89D8FD050}" = HP Photosmart Cameras 6.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}" = muvee autoProducer unPlugged 2.0
"{6294CE03-1A16-4610-891E-FDAF9A585A54}" = SA52xx Device Manager
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A118C80-B382-41c0-8907-CDD0BF5EFE6E}" = CameraDrivers
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro AntiVirus
"{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{819FEC51-BC58-44BC-9302-06D91CE63418}" = 2400_2500Help
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}" = ArcSoft MediaConverter 2.5
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro AntiVirus
"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD84214-F7E4-448F-A9EB-9ACBFDFEA32B}" = 2400
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9DD2DE0-27BE-4e6b-AAD8-0D960ABF87FD}" = CameraUserGuides
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BF4E9ED0-EF26-4A4C-A123-6A6A1ABEE411}" = DocProc
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C98E8D9D-21DE-4F87-A9B7-142BB89840FC}" = Toolbox
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone
"{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}" = HP PSC & OfficeJet 6.1.A
"{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EDB2ACBA-3B50-4B75-BE52-197C8154D16A}_is1" = AimOne AVI Converter 1.51
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AutoUpdater_is1" = Auto Updater 1.0.0.4
"AwayMode160" = Microsoft Away Mode
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Clip Extractor Toolbar" = Clip Extractor Toolbar
"Clip Extractor_is1" = Clip Extractor 3.6
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"DISCover" = DISCover
"ENTERPRISER" = Microsoft Office Enterprise 2007
"FrostWire" = FrostWire 4.21.6
"HP Document Viewer" = HP Document Viewer 6.1
"HP Game Console" = HP Game Console
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photosmart for Media Center PC" = HP Photosmart for Media Center PC
"HP Rhapsody" = HP Rhapsody
"HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.1
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"Netscape Browser" = Netscape Browser (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 12.0" = RealPlayer
"Rhapsody" = Rhapsody
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"WT004613" = Tornado Jockey
"WT005513" = Super Granny
"WT005515" = Polar Bowler
"WT005517" = Blasterball 2 Remix
"WT005518" = Polar Golfer
"WT005519" = Ricochet Lost Worlds
"WT005520" = Blackhawk Striker 2
"WT005521" = Blasterball 2 Revolution
"WT005523" = Tradewinds
"WT005524" = Bounce Symphony
"WT005630" = Alien Outbreak 2
"WT005631" = Fairies
"WT005632" = Snowy The Bears Adventure
"WT005634" = Bejeweled 2 Deluxe
"WT005635" = Big Kahuna Reef
"WT005636" = Bookworm Deluxe
"WT005637" = Chuzzle Deluxe
"WT005638" = Diner Dash
"WT005639" = Family Feud
"WT005640" = Flip Words
"WT005641" = Insaniquarium Deluxe
"WT005642" = Jewel Quest
"WT005643" = Mah Jong Quest
"WT005644" = Mystery Case Files
"WT005645" = Poker Superstars
"WT005646" = SCRABBLE
"WT005647" = Slingo Deluxe
"WT005648" = Tennis Titans
"WT006069" = FATE
"WT006072" = Ancient Sudoku
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Zune" = Zune

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2347380500-3405728751-1869572543-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/10/2011 4:34:18 AM | Computer Name = LRM | Source = ZuneDriver | ID = 80837
Description =

Error - 7/10/2011 4:34:51 AM | Computer Name = LRM | Source = ZuneDriver | ID = 80837
Description =

Error - 7/10/2011 4:35:36 AM | Computer Name = LRM | Source = ZuneDriver | ID = 80837
Description =

Error - 7/10/2011 4:42:22 AM | Computer Name = LRM | Source = ZuneDriver | ID = 80837
Description =

Error - 7/10/2011 4:42:55 AM | Computer Name = LRM | Source = ZuneDriver | ID = 80837
Description =

Error - 7/10/2011 4:43:28 AM | Computer Name = LRM | Source = ZuneDriver | ID = 80837
Description =

Error - 7/10/2011 7:38:37 PM | Computer Name = LRM | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/15/2011 10:47:36 PM | Computer Name = LRM | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18928, fault address 0x00067838.

Error - 7/17/2011 9:05:13 PM | Computer Name = LRM | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting
module shell32.dll, version 6.0.2900.3402, fault address 0x0006f8bb.

Error - 7/23/2011 12:04:06 PM | Computer Name = LRM | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18928, fault address 0x001f3a53.

[ OSession Events ]
Error - 6/28/2009 7:47:39 AM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/28/2009 7:47:54 AM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/29/2009 8:10:59 AM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 596093
seconds with 10260 seconds of active time. This session ended with a crash.

Error - 7/4/2009 2:36:25 PM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 325589
seconds with 5460 seconds of active time. This session ended with a crash.

Error - 7/4/2009 2:39:29 PM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 166
seconds with 120 seconds of active time. This session ended with a crash.

Error - 7/4/2009 2:41:12 PM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 89
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/4/2009 2:41:50 PM | Computer Name = LRM | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 25
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/18/2011 12:32:05 PM | Computer Name = LRM | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/18/2011 12:32:05 PM | Computer Name = LRM | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 7/19/2011 12:36:46 PM | Computer Name = LRM | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 7/19/2011 12:36:46 PM | Computer Name = LRM | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 7/20/2011 12:47:34 PM | Computer Name = LRM | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 7/20/2011 12:52:40 PM | Computer Name = LRM | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 7/20/2011 5:04:30 PM | Computer Name = LRM | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the ARSVC service.

Error - 7/23/2011 10:22:33 AM | Computer Name = LRM | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 7/23/2011 10:27:32 AM | Computer Name = LRM | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 7/23/2011 1:26:59 PM | Computer Name = LRM | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the ARSVC service.


< End of report >


aswMBR Logs:

aswMBR version 0.9.8.977 Copyright© 2011 AVAST Software
Run date: 2011-07-24 17:48:29
-----------------------------
17:48:29.656 OS Version: Windows 5.1.2600 Service Pack 2
17:48:29.656 Number of processors: 2 586 0x4B02
17:48:29.656 ComputerName: LRM UserName:
17:48:30.453 Initialize success
17:49:01.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
17:49:01.468 Disk 0 Vendor: SAMSUNG_HD300LJ ZT100-12 Size: 286168MB BusType: 3
17:49:01.500 Disk 0 MBR read successfully
17:49:01.500 Disk 0 MBR scan
17:49:01.500 Disk 0 unknown MBR code
17:49:01.515 Disk 0 scanning sectors +586066320
17:49:01.578 Disk 0 scanning C:\WINDOWS\system32\drivers
17:49:05.859 Service scanning
17:49:06.921 Modules scanning
17:49:12.796 Disk 0 trace - called modules:
17:49:12.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
17:49:12.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86e6fab8]
17:49:12.812 3 CLASSPNP.SYS[f757105b] -> nt!IofCallDriver -> \Device\00000077[0x86f78f18]
17:49:12.812 5 ACPI.sys[f73e7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x86f0f940]
17:49:12.812 Scan finished successfully
17:49:30.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat"
17:49:30.296 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.txt"



Thanks again for your help!!
  • 0

#6
Nedklaw


    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Are you experiencing any problems with your computer now?

Step 1

Please uninstall these programs via Control Panel > Add/Remove Programs (if present):

  • Auto Updater 1.0.0.4
  • FrostWire 4.21.6
  • LimeWire 5.3.6
I recommend you remove your P2P programs, FrostWire and LimeWire. They are bad because shared files can contain security risks such as viruses, spyware and other unwanted software. The files distributed on these sites are packed with malware and are distributed all over the internet. You don't know where they have been; someone could have infected the files with malware.


Step 2

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL 
    O2 - BHO: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
    O3 - HKLM\..\Toolbar: (Somoto Toolbar) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files\somototoolbar\vmntemplateX.dll ()
    O4 - HKLM..\Run: [] File not found
    O4 - HKU\S-1-5-21-2347380500-3405728751-1869572543-1008..\Run: [cIUBNKMktstKy] C:\Documents and Settings\All Users\Application Data\cIUBNKMktstKy.exe ()
    O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
    O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
    [2011/07/10 04:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\somototoolbar
    [2011/07/10 04:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\somototoolbar
    [2011/07/10 03:59:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auto Updater
    [2011/07/10 03:59:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Auto Updater
    [2011/07/10 03:59:24 | 000,000,000 | ---D | C] -- C:\Program Files\Auto Updater
    [2011/07/24 15:59:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AutoUpdaterTask.job
    [2011/07/16 12:22:51 | 000,016,612 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\671n8w107xhhsv
    [2011/07/16 12:22:51 | 000,016,612 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\671n8w107xhhsv
    [2011/07/15 19:15:08 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\386906
    [2011/07/10 04:40:01 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\afd0724f
    [2011/07/10 04:40:00 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\43701f03
    [2011/07/10 04:39:57 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\62ba9efe
    [2011/07/10 04:39:57 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\618de968
    [2011/07/10 04:39:54 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2a5117fb
    [2011/07/10 04:39:54 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2940ad83
    [2011/07/10 04:39:25 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2d662f19
    [2011/07/10 04:39:25 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2c81382c
    [2011/07/10 04:39:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\53c5017
    [2011/07/10 04:39:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\39c578e
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\67d72db9
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\66b77a9e
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\65310b8c
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\641c47ee
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\62f322bf
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5cdcb508
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5ba1b8f4
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\53e60e06
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\355947c6
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\342c9a73
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\32c8d96c
    [2011/07/10 04:39:17 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\31cf0a65
    [2011/07/10 04:39:16 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\2ca04da9
    [2011/07/10 04:21:31 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\8e088938
    [2011/07/10 04:21:29 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\201ecac2
    [2011/07/10 04:21:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\9ba3e325
    [2011/07/10 04:21:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\9909f238
    [2011/07/10 04:21:05 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f307c6f
    [2011/07/10 04:21:05 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\e307d61
    [2011/07/10 04:16:16 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\ccc59285
    [2011/07/10 04:16:11 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\ada9b596
    [2011/07/10 04:16:04 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\a4748054
    [2011/07/10 04:16:04 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\a3863604
    [2011/07/10 04:15:29 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5ec6d922
    [2011/07/10 04:15:29 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\5db8499d
    [2011/07/10 04:15:13 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\71b804d3
    [2011/07/10 04:15:13 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\70625ad5
    [2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\fbfb15ab
    [2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\faf894c3
    [2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f9baff25
    [2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f8dbc85f
    [2011/07/10 04:08:43 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f7950557
    [2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f625be94
    [2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\f330a795
    [2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\dbe9c3a7
    [2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\c191c5b0
    [2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\c0a249eb
    [2011/07/10 04:08:42 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\b46e640e
    @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\HP_Administrator\My Documents\*.tmp files -> C:\Documents and Settings\HP_Administrator\My Documents\*.tmp -> ] 
     
    :Files
    ipconfig /flushdns /c
    
    :Commands 
    [purity] 
    [resethosts] 
    [emptytemp] 
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS] 
    [Reboot]

  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Things I want to see in your next reply

  • Answer to my question
  • OTL Fix Log
  • OTL.txt

  • 0
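An added triage example, not part of Nedklaw's post and not OTL's own code: it parses OTL file-listing lines of the form used in the fix script above and groups extensionless, hex-named files by directory and size, the pattern visible in the listed Application Data entries. The post does not say how its entries were chosen; the grouping heuristic, the `min_count` threshold and the function names are assumptions, and the sample lines are copied from the script above.

```python
import re
from collections import defaultdict

# OTL file-listing line: [date time | size | attributes | C or M] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
# Assumed heuristic: a file name with no extension made only of 5-8 hex digits.
HEX_NAME = re.compile(r"^[0-9a-f]{5,8}$")

def parse_otl_line(line):
    """Return a dict for one OTL file-listing line, or None for any other line type."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    directory, _, name = m["path"].rpartition("\\")
    return {"size": int(m["size"].replace(",", "")), "attrs": m["attrs"],
            "kind": m["kind"], "dir": directory, "name": name}

def hex_name_clusters(lines, min_count=3):
    """Group hex-named files by (directory, size); keep groups with >= min_count members."""
    groups = defaultdict(list)
    for line in lines:
        rec = parse_otl_line(line)
        # Skip directories (D attribute) and anything that is not a hex-only name.
        if rec and "D" not in rec["attrs"] and HEX_NAME.match(rec["name"]):
            groups[(rec["dir"], rec["size"])].append(rec["name"])
    return {k: sorted(v) for k, v in groups.items() if len(v) >= min_count}

# Sample lines copied from the fix script above (a subset, for an offline run).
SAMPLE = r"""
[2011/07/10 04:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\somototoolbar
[2011/07/15 19:15:08 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\386906
[2011/07/10 04:40:01 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\afd0724f
[2011/07/10 04:40:00 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\43701f03
[2011/07/10 04:39:19 | 000,004,636 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\53c5017
[2011/07/24 15:59:04 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AutoUpdaterTask.job
""".strip().splitlines()

if __name__ == "__main__":
    for (directory, size), names in hex_name_clusters(SAMPLE).items():
        print(f"{len(names)} hex-named files of {size} bytes in {directory}: {names}")
```

A cluster reported here is only a lead for manual review; legitimate software also writes hash-named cache files.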

#7
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





