Here is my OTL scan.
Thanks for your help.
OTL logfile created on: 11/7/2011 9:56:49 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\watfordm\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.39% Memory free
2.58 Gb Paging File | 1.79 Gb Available in Paging File | 69.25% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 46.81 Gb Free Space | 62.86% Space Free | Partition Type: NTFS
Computer Name: BOOKKEEPER | User Name: watfordm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/07 21:54:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\watfordm\Desktop\OTL.exe
PRC - [2011/10/07 07:14:34 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/10/07 07:13:57 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/10/03 12:43:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/01/04 11:07:56 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/11/09 19:13:30 | 001,154,848 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2010/11/09 17:53:00 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2008/08/11 12:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2007/06/27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/06/25 08:47:24 | 001,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007/06/25 08:47:12 | 001,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007/06/25 08:47:02 | 001,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2006/06/15 07:43:20 | 000,049,152 | ---- | M] (HP) -- C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
PRC - [2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/10/11 17:35:02 | 000,082,026 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
PRC - [2001/07/03 08:17:04 | 000,065,536 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2001/07/03 08:11:52 | 000,057,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
========== Modules (No Company Name) ==========
MOD - [2011/10/03 12:43:30 | 001,015,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2010/11/09 09:07:40 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/06/10 12:34:58 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
MOD - [2010/06/10 10:44:34 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2010/06/10 10:44:06 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2007/08/14 15:43:46 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 13:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 13:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2006/06/15 07:42:34 | 000,053,248 | ---- | M] () -- C:\Program Files\HP\ToolBoxFX\bin\NativeUtils.dll
MOD - [2004/08/10 12:12:50 | 003,379,200 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4fec348e\mscorlib.dll
MOD - [2004/08/10 12:12:44 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e0199e65\system.drawing.dll
MOD - [2004/08/10 12:12:34 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_b3205b38\system.xml.dll
MOD - [2004/08/10 12:12:24 | 003,014,656 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_6e7aff8e\system.windows.forms.dll
MOD - [2004/08/10 12:12:10 | 001,953,792 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b1d2ef50\system.dll
MOD - [2004/08/10 12:11:14 | 001,224,704 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2004/08/10 12:11:10 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2004/08/10 12:11:10 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2004/08/10 12:11:10 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2004/08/10 12:11:10 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2004/08/10 12:11:10 | 000,131,072 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll
MOD - [2001/10/11 17:34:50 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll
MOD - [2001/07/03 08:17:06 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
MOD - [2001/07/03 08:17:04 | 000,065,536 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/10/07 07:14:34 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/10/07 07:13:57 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/01/04 11:07:56 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/11/09 17:53:00 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/06/25 08:47:12 | 001,552,680 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - [2011/11/07 16:04:56 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{410A60A5-97EF-4C2F-BFA5-44A2B01734B4}\MpKsl40c2d76a.sys -- (MpKsl40c2d76a)
DRV - [2011/10/07 07:14:01 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 12:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2007/06/25 08:47:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007/06/25 08:47:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007/06/25 08:47:02 | 000,119,080 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2006/06/12 04:36:30 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2005/11/08 07:55:24 | 000,004,736 | ---- | M] (Laplink Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\llusbflt.sys -- (LLUSBFLT)
DRV - [2005/08/17 05:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/03/09 05:11:00 | 000,116,192 | R--- | M] (ALinx Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\m4301A.sys -- (m4301a)
DRV - [2004/08/24 07:52:42 | 000,008,960 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbbc2.sys -- (PLUsbbc2)
DRV - [2004/08/24 07:52:28 | 000,042,944 | ---- | M] (LapLink, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\sftser.sys -- (SFTSER)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dir&o=13735
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...?l=dir&o=13735"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:3.9.1.100006
FF - prefs.js..keyword.URL: "http://websearch.ask...=gog193YYUS&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\watfordm\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/10 08:00:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/03 12:43:32 | 000,000,000 | ---D | M]
[2009/01/13 15:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\watfordm\Application Data\Mozilla\Extensions
[2011/11/07 09:23:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\watfordm\Application Data\Mozilla\Firefox\Profiles\sw6x9xw8.default\extensions
[2011/08/16 10:31:37 | 000,000,000 | ---D | M] ("Dictionary.com Toolbar") -- C:\Documents and Settings\watfordm\Application Data\Mozilla\Firefox\Profiles\sw6x9xw8.default\extensions\[email protected]
[2011/11/07 09:09:20 | 000,002,570 | ---- | M] () -- C:\Documents and Settings\watfordm\Application Data\Mozilla\Firefox\Profiles\sw6x9xw8.default\searchplugins\askcom.xml
[2011/11/07 09:23:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 11:15:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/01/28 14:09:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/11/19 15:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2010/04/12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/19 15:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2008/09/15 10:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
O1 HOSTS File: ([2011/11/07 20:57:52 | 000,000,822 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Dictionary.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Starware Screensavers Toolbar) - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware316\bin\Starware316.dll File not found
O3 - HKLM\..\Toolbar: (Dictionary.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Dictionary.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe ()
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\system32\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\system32\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://c:\windows\Java\classes\xmldso4.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.180.42.100 66.76.175.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EAF5842-A45B-473B-8877-EC1FF81C91EC}: DhcpNameServer = 208.180.42.100 66.76.175.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82D19843-52B9-4273-A1CD-52334514E068}: DhcpNameServer = 68.1.208.30 68.109.202.25 68.1.18.25
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\watfordm\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\watfordm\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999/09/23 19:14:12 | 000,000,131 | ---- | M] () - C:\AUTOEXEC.001 -- [ NTFS ]
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1999/09/23 19:21:32 | 000,000,293 | ---- | M] () - C:\AUTOEXEC.B~2 -- [ NTFS ]
O33 - MountPoints2\{2a4b59d8-d622-11db-ab26-0012179856e9}\Shell - "" = AutoRun
O33 - MountPoints2\{2a4b59d8-d622-11db-ab26-0012179856e9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2a4b59d8-d622-11db-ab26-0012179856e9}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\{9086d896-f718-11db-ab43-0012179856e9}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/07 21:54:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\watfordm\Desktop\OTL.exe
[2011/11/07 15:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/11/07 15:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/11/07 15:03:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\watfordm\Application Data\Malwarebytes
[2011/11/07 15:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/07 15:03:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/07 15:03:04 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/07 15:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/07 14:30:20 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\watfordm\Desktop\TFC.exe
[2011/11/07 14:20:16 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\watfordm\Desktop\mbam-setup-1.51.2.1300.exe
========== Files - Modified Within 30 Days ==========
[2011/11/07 22:01:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/07 21:54:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\watfordm\Desktop\OTL.exe
[2011/11/07 20:57:52 | 000,000,822 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/07 15:12:50 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/07 15:08:42 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/11/07 15:07:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/07 15:03:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/07 15:03:07 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/07 14:32:16 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\watfordm\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/07 14:30:50 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\watfordm\Desktop\TFC.exe
[2011/11/07 13:15:36 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\watfordm\Desktop\EMAIL.lnk
[2011/11/07 10:46:30 | 000,000,960 | ---- | M] () -- C:\FIFTH
[2011/11/07 10:39:02 | 076,808,192 | R--- | M] () -- C:\Documents and Settings\watfordm\Desktop\Greenville Christian School.QBW.TLG
[2011/11/07 10:39:02 | 016,285,696 | R--- | M] () -- C:\Documents and Settings\watfordm\Desktop\Greenville Christian School.QBW
[2011/11/07 10:39:02 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\watfordm\Desktop\Greenville Christian School.QBW.ND
[2011/11/05 23:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\Tune-up Application Start.job
[2011/11/03 09:50:00 | 000,000,167 | ---- | M] () -- C:\Documents and Settings\watfordm\default.pls
[2011/11/03 09:47:23 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/11/01 13:10:32 | 000,001,920 | ---- | M] () -- C:\FIRSTDRA
[2011/10/31 06:43:28 | 000,445,370 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/31 06:43:28 | 000,072,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/25 09:21:30 | 000,000,960 | ---- | M] () -- C:\EXTRA
[2011/10/24 09:03:15 | 000,000,960 | ---- | M] () -- C:\FINAL
[2011/10/19 15:45:37 | 000,000,960 | ---- | M] () -- C:\MIDMONTH
[2011/10/18 12:31:45 | 000,000,321 | ---- | M] () -- C:\WINDOWS\PVX.INI
[2011/10/18 12:19:52 | 000,000,486 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/10/17 12:31:27 | 000,004,800 | ---- | M] () -- C:\FIFTEENT
[2011/10/10 09:12:03 | 000,001,920 | ---- | M] () -- C:\TENTH
========== Files Created - No Company Name ==========
[2011/11/07 15:12:50 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/07 15:07:34 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/11/07 15:03:07 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/07 14:59:05 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2010/09/08 07:37:22 | 000,000,156 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/06/10 10:45:37 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2010/06/10 10:42:33 | 006,441,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/26 09:24:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2010/01/14 14:45:48 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\hpgt53.dll
[2009/08/13 08:02:34 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\f9t.dat
[2009/02/16 11:32:13 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/02/09 14:14:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/09 14:13:00 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\watfordm\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/01 09:44:45 | 000,001,156 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/09/20 14:52:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/08/20 08:11:41 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\watfordm\Local Settings\Application Data\fusioncache.dat
[2007/07/18 10:39:28 | 000,000,462 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2007/07/18 10:39:17 | 000,001,343 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2007/07/18 10:31:53 | 000,093,130 | ---- | C] () -- C:\WINDOWS\hppins05.dat
[2007/07/18 10:31:53 | 000,000,896 | ---- | C] () -- C:\WINDOWS\hppmdl05.dat
[2006/09/07 11:55:43 | 000,057,344 | ---- | C] () -- C:\WINDOWS\UPWIZUN.EXE
[2006/09/07 11:55:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\VCMUI.EXE
[2006/09/07 11:55:43 | 000,041,973 | ---- | C] () -- C:\WINDOWS\WININIT.EXE
[2006/09/07 11:55:25 | 000,045,379 | ---- | C] () -- C:\WINDOWS\SMARTDRV.EXE
[2006/09/07 11:55:24 | 000,018,939 | ---- | C] () -- C:\WINDOWS\SETVER.EXE
[2006/09/07 11:55:23 | 000,012,663 | ---- | C] () -- C:\WINDOWS\RAMDRIVE.SYS
[2006/09/07 11:55:23 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2006/09/07 11:55:23 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/09/07 11:55:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\PIDSET.EXE
[2006/09/07 11:55:22 | 000,027,616 | ---- | C] () -- C:\WINDOWS\PIDGEN.DLL
[2006/09/07 11:53:28 | 000,122,936 | ---- | C] () -- C:\WINDOWS\MSOWS409.DLL
[2006/09/07 11:53:28 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2006/09/07 11:53:28 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI
[2006/09/07 11:53:27 | 000,129,080 | ---- | C] () -- C:\WINDOWS\LOGOW.SYS
[2006/09/07 11:53:27 | 000,129,078 | ---- | C] () -- C:\WINDOWS\LOGOS.SYS
[2006/09/07 11:53:27 | 000,032,768 | ---- | C] () -- C:\WINDOWS\MM2ENT.EXE
[2006/09/07 11:53:27 | 000,001,646 | ---- | C] () -- C:\WINDOWS\MSDOS.SYS
[2006/09/07 11:53:25 | 000,012,626 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2006/09/07 11:53:25 | 000,006,550 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.DAT
[2006/09/07 11:53:22 | 000,003,708 | ---- | C] () -- C:\WINDOWS\IFSHLP.SYS
[2006/09/07 11:53:21 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2006/09/07 11:53:19 | 000,033,191 | ---- | C] () -- C:\WINDOWS\HIMEM.SYS
[2006/09/07 11:53:18 | 000,125,495 | ---- | C] () -- C:\WINDOWS\EMM386.EXE
[2006/09/07 11:53:18 | 000,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2006/09/07 11:53:17 | 000,089,147 | ---- | C] () -- C:\WINDOWS\DOSREP.EXE
[2006/09/07 11:53:17 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2006/09/07 11:53:17 | 000,002,614 | ---- | C] () -- C:\WINDOWS\DBLBUFF.SYS
[2006/09/07 11:53:12 | 000,024,626 | ---- | C] () -- C:\WINDOWS\CMD640X.SYS
[2006/09/07 11:53:12 | 000,020,901 | ---- | C] () -- C:\WINDOWS\CMD640X2.SYS
[2006/09/07 11:53:10 | 000,001,105 | ---- | C] () -- C:\WINDOWS\ASPI2HLP.SYS
[2006/09/07 11:45:50 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\XFILEXR.DLL
[2006/09/07 11:45:48 | 000,002,295 | ---- | C] () -- C:\WINDOWS\System32\WINALI.INI
[2006/09/07 11:45:48 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\WINALX.INI
[2006/09/07 11:45:39 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\VIDX16.DLL
[2006/09/07 11:45:34 | 000,056,057 | ---- | C] () -- C:\WINDOWS\System32\UNICODE.BIN
[2006/09/07 11:45:27 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SUCATREG.EXE
[2006/09/07 11:45:19 | 000,000,096 | ---- | C] () -- C:\WINDOWS\System32\REBOOT.COM
[2006/09/07 11:45:11 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NETBIOS.DLL
[2006/09/07 11:45:01 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\MSHLOCAL.dll
[2006/09/07 11:44:55 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[2006/09/07 11:44:45 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[2006/09/07 11:44:45 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\ICMUPG.DLL
[2006/09/07 11:44:42 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\GROUPPOL.DLL
[2006/09/07 11:44:38 | 000,002,490 | ---- | C] () -- C:\WINDOWS\System32\DLCNDI.DLL
[2006/09/07 11:44:25 | 000,014,696 | ---- | C] () -- C:\WINDOWS\System32\CONAGENT.EXE
[2006/09/07 11:44:22 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\cmtool32.dll
[2006/09/07 11:13:59 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2006/09/07 11:13:59 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2006/09/07 11:03:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2006/09/07 10:57:07 | 000,000,525 | ---- | C] () -- C:\WINDOWS\System32\wlan.ini
[2006/09/06 13:27:56 | 000,000,486 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/26 10:52:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/26 10:32:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/07/26 10:32:36 | 000,000,390 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/12 04:36:30 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DLL
[2006/06/12 04:36:30 | 000,000,526 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DAT
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,357,752 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,445,370 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,072,576 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:09 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/01/17 11:45:40 | 000,000,616 | ---- | C] () -- C:\WINDOWS\wizards.ini
[2001/08/14 12:06:44 | 000,000,639 | ---- | C] () -- C:\WINDOWS\FINDIT32.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/01/30 14:14:40 | 000,000,180 | ---- | C] () -- C:\WINDOWS\winmine.ini
[2001/01/23 22:31:18 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\prntfix.exe
[2000/10/17 07:32:44 | 000,000,696 | ---- | C] () -- C:\WINDOWS\System32\QBTMRUTL.DLL
[2000/10/17 07:32:41 | 000,000,098 | ---- | C] () -- C:\WINDOWS\QBTIMER.INI
[2000/10/17 07:23:16 | 000,000,064 | ---- | C] () -- C:\WINDOWS\QBWCD.INI
[2000/10/17 07:22:59 | 000,006,838 | ---- | C] () -- C:\WINDOWS\Icoadb32.dat
[2000/04/14 15:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/10/08 06:58:49 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BVRPWF.DLL
[1999/10/08 06:57:28 | 000,000,309 | ---- | C] () -- C:\WINDOWS\HPPTA.INI
[1999/10/08 06:56:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\InfModM.ini
[1999/10/07 09:48:23 | 000,000,034 | ---- | C] () -- C:\WINDOWS\SOL.INI
[1999/10/07 08:50:06 | 000,009,030 | ---- | C] () -- C:\WINDOWS\hh.dat
[1999/10/05 07:01:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\MOUSEDRV.INI
[1999/10/01 10:47:49 | 000,000,244 | ---- | C] () -- C:\WINDOWS\FRX.INI
[1999/10/01 09:36:37 | 000,000,321 | ---- | C] () -- C:\WINDOWS\PVX.INI
[1999/10/01 09:36:34 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\90WRES32.DLL
[1999/10/01 09:36:34 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[1999/09/30 08:11:32 | 000,000,152 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[1999/09/30 08:10:48 | 000,002,158 | ---- | C] () -- C:\WINDOWS\FONTSMRT.INI
[1999/09/30 08:10:44 | 000,000,415 | ---- | C] () -- C:\WINDOWS\prntname.ini
[1999/09/30 08:10:10 | 000,000,076 | ---- | C] () -- C:\WINDOWS\tmprn.ini
[1999/09/29 12:44:14 | 000,016,384 | ---- | C] () -- C:\WINDOWS\MSIMGSIZ.DAT
[1999/09/23 19:19:12 | 000,029,696 | ---- | C] () -- C:\WINDOWS\desinst32.exe
[1999/09/23 19:19:12 | 000,010,208 | ---- | C] () -- C:\WINDOWS\System32\BVRPWFU.drv
[1999/09/23 19:19:12 | 000,000,063 | ---- | C] () -- C:\WINDOWS\Wgedit.ini
[1999/09/23 19:13:07 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[1999/09/23 19:12:44 | 000,229,408 | RH-- | C] () -- C:\WINDOWS\HWINFO.DAT
[1999/09/23 19:11:47 | 000,011,079 | -H-- | C] () -- C:\Program Files\folder.htt
[1999/09/23 19:10:38 | 000,000,069 | ---- | C] () -- C:\WINDOWS\5631_SWC.INI
[1999/09/23 19:10:37 | 000,000,108 | ---- | C] () -- C:\WINDOWS\5631_HWC.INI
[1999/09/23 19:10:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\9770P.INI
[1999/09/23 19:09:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini
[1999/09/23 19:08:30 | 000,000,283 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[1999/09/23 19:08:22 | 000,034,543 | ---- | C] () -- C:\WINDOWS\NBTSTAT.EXE
[1999/09/23 19:08:22 | 000,004,809 | ---- | C] () -- C:\WINDOWS\System32\LMSCRIPT.EXE
[1999/09/23 19:07:55 | 000,103,488 | ---- | C] () -- C:\WINDOWS\System32\ATITVOUT.DLL
[1999/09/23 19:07:55 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\ATITBDRV.SYS
[1999/09/23 19:07:55 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\ATITBDET.EXE
[1999/09/23 19:07:55 | 000,003,744 | ---- | C] () -- C:\WINDOWS\System32\ATITB.DLL
[1999/09/23 19:07:50 | 000,823,808 | ---- | C] () -- C:\WINDOWS\System32\DAINST.EXE
[1999/09/23 19:07:49 | 000,006,140 | ---- | C] () -- C:\WINDOWS\NDISHLP.SYS
[1999/09/23 19:07:48 | 000,014,952 | ---- | C] () -- C:\WINDOWS\PROTMAN.EXE
[1999/09/23 19:07:39 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\TCAUM90X.DLL
[1999/09/23 19:07:39 | 000,026,500 | ---- | C] () -- C:\WINDOWS\System32\TCAEGT16.DLL
[1999/09/23 19:07:39 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\TCAEGT32.DLL
[1999/09/23 19:07:35 | 002,417,445 | ---- | C] () -- C:\WINDOWS\System32\YDSXG.DAT
[1999/01/22 17:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/11 12:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[1998/01/12 07:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[1997/08/03 23:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\PCDLIB32.DLL
[1995/01/13 13:10:00 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
========== LOP Check ==========
[2010/06/10 10:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/02/26 13:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2011/11/07 07:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/04/14 10:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/06/10 10:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2006/09/07 11:43:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2006/09/07 10:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spearit
[2010/06/10 11:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2010/06/28 16:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\Facebook
[2010/01/26 09:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\InterTrust
[2011/01/10 15:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\Itfy
[2011/11/07 15:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\Liexv
[2009/07/28 18:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\Snapfish
[2006/09/07 10:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\Spearit
[2010/10/29 09:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\watfordm\Application Data\Stamps.com Internet Postage
[2011/11/07 15:12:50 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/11/07 22:01:00 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/11/05 23:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\Tasks\Tune-up Application Start.job
========== Purity Check ==========
< End of report >
OTL Extras wasn't sure if you wanted this so here it is.
OTL Extras logfile created on: 11/7/2011 9:56:49 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\watfordm\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.39% Memory free
2.58 Gb Paging File | 1.79 Gb Available in Paging File | 69.25% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 46.81 Gb Free Space | 62.86% Space Free | Partition Type: NTFS
Computer Name: BOOKKEEPER | User Name: watfordm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Laplink\FileMover\SFTHost.exe" = C:\Program Files\Laplink\FileMover\SFTHost.exe:*:Enabled:SFTHost Module -- (Laplink Software, Inc.)
"C:\Program Files\Laplink\PCmover\PCmover.exe" = C:\Program Files\Laplink\PCmover\PCmover.exe:*:Enabled:PCmover -- (Laplink Software Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"E:\Installation\Setupx.exe" = E:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup
"C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe:*:Enabled:QuickBooks 2010 Data Manager -- (Intuit, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{02F6993D-B763-4F40-8F93-2A9CD97586E3}" = Microsoft IntelliType Pro 6.3
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A422-40A5-BD20-04BF618CA0F9}" = QuickBooks Pro 2010
"{135BA9A6-495A-4FE9-B1A1-AB4DA449CAB1}" = hppLJP2015
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 20
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3BC341BD-3736-45F0-B0E0-5664792AC528}" = HP Care Pack Core
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{561D20B1-766E-4EA5-8A1D-B7357D903673}" = hppIOFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{5E55F3F1-2210-4CC9-A761-9E4B818D9FA7}" = HP Care Pack Products
"{6441FECE-0E73-4326-81BF-68503E897820}" = CorePLS_Min_QFolder
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{69E6C13B-CF6B-47A6-B7A5-77FE82B2CB40}" = hppFonts
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}" = HP Precisionscan Pro 3.1
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A178F2E-92F6-437C-A709-69685D1C0F2B}" = hppTLBXFXP2015
"{7FDD86DF-1023-460A-A20D-F329800DB266}" = FileMover
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8C0118CC-F720-45FF-A4DA-44AD77B2E73C}" = CorePLS_Full_QFolder
"{8E72B982-D54F-486F-B35A-C24B6F171033}" = Nero 7 Essentials
"{90120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{93C069D4-2F86-4570-A6DF-BFABBA1E4AFD}" = hpzTLBXFX
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAA11090-6E99-4655-AAF5-57EB5F677D0C}" = MarketResearch
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B78823CD-488F-43B4-80D6-FAEADAE40EC4}" = Instant Wireless USB Adapter
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFB61D8C-D651-4D7C-80B4-C78676A0AF1F}" = hppusgP2015
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E65AAF02-3F36-4189-B8C3-E4B9A9040131}" = RenWeb.com
"{EDAE4F43-833C-443B-8DB5-129F897DF3E8}" = hppWebRegMM
"{EF1989B2-F482-49D3-BB19-7C81E3EAAB39}" = PCmover
"{F38D0F99-1BFC-47AB-AC36-8D9D43700CFB}" = hppManualsP2015
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"3ComNicUnInstall" = 3Com NIC Diagnostics
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"ATI Mach64 Display Driver" = ATI mach64 Display Driver
"Bookshelf 2k" = Bookshelf 2000
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Conexant HCF V.90/56K Modem" = MDP3880 PCI Modem
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DellZone" = DellZone
"Google Desktop" = Google Desktop
"HP LaserJet 1100" = HP LaserJet 1100
"HP LaserJet P2015" = HP LaserJet P2015 Series 1.0
"HP PrecisionScan" = HP PrecisionScan
"HPExtendedCapabilities" = HP Extended Capabilities 6.0
"InstallShield_{7FDD86DF-1023-460A-A20D-F329800DB266}" = FileMover
"InstallShield_{EF1989B2-F482-49D3-BB19-7C81E3EAAB39}" = PCmover
"Iomega95" = Iomega Tools for Windows 95
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Modem Test" = Modem Test
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"PHONTOOLDeinstKey" = PhoneTools
"PROSet" = Intel® PRO Network Connections Drivers
"QuickBooks 2000" = QuickBooks Pro 2000
"TournamentBuilder" = Uninstall TournamentBuilder
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Works" = Microsoft Works 4.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"StudioWorks" = StudioWorks
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/7/2011 12:29:02 PM | Computer Name = BOOKKEEPER | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/7/2011 5:07:45 PM | Computer Name = BOOKKEEPER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8402.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 11/7/2011 5:07:54 PM | Computer Name = BOOKKEEPER | Source = Microsoft Security Client | ID = 5000
Description =
Error - 11/7/2011 5:08:52 PM | Computer Name = BOOKKEEPER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072f8f, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
Error - 11/7/2011 5:36:57 PM | Computer Name = BOOKKEEPER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072f8f, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
Error - 11/7/2011 6:06:03 PM | Computer Name = BOOKKEEPER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 11/7/2011 6:06:03 PM | Computer Name = BOOKKEEPER | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 11/7/2011 9:35:49 PM | Computer Name = BOOKKEEPER | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8402.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 11/7/2011 11:22:52 PM | Computer Name = BOOKKEEPER | Source = MsiInstaller | ID = 11316
Description = Product: RenWeb.com -- Error 1316. A network error occurred while
attempting to read from the file: C:\Documents and Settings\watfordm\My Documents\Downloads\Renweb.11.08.040[1].msi
Error - 11/7/2011 11:24:07 PM | Computer Name = BOOKKEEPER | Source = MsiInstaller | ID = 11316
Description = Product: RenWeb.com -- Error 1316. A network error occurred while
attempting to read from the file: C:\Documents and Settings\watfordm\My Documents\Downloads\Renweb.11.08.040[1].msi
[ System Events ]
Error - 11/7/2011 5:49:57 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80.DLL.
Reference
error message: The operation completed successfully. .
Error - 11/7/2011 5:49:58 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 11/7/2011 5:49:58 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .
Error - 11/7/2011 5:49:58 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80.DLL.
Reference
error message: The operation completed successfully. .
Error - 11/7/2011 5:49:58 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last
Error was The referenced assembly is not installed on your system.
Error - 11/7/2011 5:49:58 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference
error message: The referenced assembly is not installed on your system. .
Error - 11/7/2011 5:49:58 PM | Computer Name = BOOKKEEPER | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80.DLL.
Reference
error message: The operation completed successfully. .
Error - 11/7/2011 5:04:12 PM | Computer Name = BOOKKEEPER | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 11/7/2011 5:08:51 PM | Computer Name = BOOKKEEPER | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%852
Source
Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072f8f Error description:
A security error occurred
Error - 11/7/2011 5:36:56 PM | Computer Name = BOOKKEEPER | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 0.0.0.0 Update Source: %%859 Update Stage: %%852
Source
Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803 User: NT AUTHORITY\SYSTEM
Current
Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072f8f Error description:
A security error occurred
< End of report >