OTL logfile created on: 2/20/2013 10:07:08 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
446.48 Mb Total Physical Memory | 27.78 Mb Available Physical Memory | 6.22% Memory free
1.03 Gb Paging File | 0.27 Gb Available in Paging File | 26.20% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.54 Gb Total Space | 93.19 Gb Free Space | 66.31% Space Free | Partition Type: NTFS
Drive D: | 8.50 Gb Total Space | 1.11 Gb Free Space | 13.01% Space Free | Partition Type: FAT32
Drive F: | 3.76 Gb Total Space | 0.74 Gb Free Space | 19.65% Space Free | Partition Type: FAT32
Computer Name: JIMENEZ | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/20 22:06:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
PRC - [2013/02/20 10:56:06 | 001,145,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe
PRC - [2010/10/01 11:00:57 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/08/19 14:44:08 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/19 14:44:01 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/19 14:43:48 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2007/06/13 02:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/20 04:10:26 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2005/12/02 08:12:01 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
PRC - [2005/09/21 09:41:10 | 001,605,740 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
PRC - [2005/08/24 06:51:18 | 000,442,455 | ---- | M] (Motive, Inc.) -- C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe
PRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe
PRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2005/04/05 17:01:36 | 000,282,624 | ---- | M] (FUJI PHOTO FILM CO., LTD.) -- C:\Program Files\FinePixViewer\QuickDCF.exe
========== Modules (No Company Name) ==========
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/10/06 10:31:46 | 002,475,336 | ---- | M] () -- C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
MOD - [2010/04/08 06:52:20 | 000,271,024 | ---- | M] () -- C:\Program Files\Search Toolbar\SearchToolbar.dll
MOD - [2010/02/05 10:14:43 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/08/08 11:41:51 | 000,679,936 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2009/08/08 11:41:51 | 000,139,264 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2009/08/08 11:41:50 | 002,052,096 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll
MOD - [2009/08/08 11:41:50 | 001,339,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll
MOD - [2009/08/08 11:41:50 | 000,835,584 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll
MOD - [2009/08/08 11:41:50 | 000,786,432 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll
MOD - [2009/08/08 11:41:50 | 000,770,048 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll
MOD - [2009/08/08 11:41:50 | 000,495,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll
MOD - [2009/08/08 11:41:50 | 000,430,080 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll
MOD - [2009/08/08 11:41:50 | 000,232,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2009/08/08 11:41:50 | 000,013,824 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\MEshim.dll
MOD - [2009/08/08 11:41:49 | 000,338,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2009/08/08 11:41:49 | 000,120,832 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2009/08/08 11:41:49 | 000,086,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2009/08/08 11:41:49 | 000,083,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2009/08/08 11:41:49 | 000,057,344 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2009/08/08 11:41:49 | 000,051,712 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2009/08/08 11:41:49 | 000,009,728 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2009/08/08 11:41:48 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2009/08/08 11:41:48 | 000,405,504 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2009/08/08 11:41:48 | 000,338,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2009/08/08 11:41:48 | 000,303,104 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2009/08/08 11:41:48 | 000,246,272 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2009/08/08 11:41:48 | 000,061,952 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2009/08/08 11:41:47 | 001,035,264 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2009/08/08 11:41:47 | 000,667,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2009/08/08 11:41:47 | 000,335,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2009/08/08 11:41:47 | 000,223,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2009/08/08 11:41:47 | 000,171,008 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2009/08/08 11:41:47 | 000,115,200 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2009/08/08 11:41:47 | 000,095,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2009/08/08 11:41:47 | 000,081,920 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2009/08/08 11:41:47 | 000,077,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2007/02/20 04:10:20 | 000,192,512 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx
MOD - [2007/02/20 04:09:22 | 000,094,208 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VPCD.dll
MOD - [2007/02/20 02:34:48 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll
MOD - [2005/12/02 08:11:58 | 000,151,589 | ---- | M] () -- C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll
MOD - [2005/12/02 08:11:58 | 000,098,339 | ---- | M] () -- C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll
MOD - [2005/12/02 08:11:57 | 000,061,496 | ---- | M] () -- C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll
MOD - [2005/12/02 08:11:55 | 000,126,976 | ---- | M] () -- C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll
MOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll
MOD - [2005/03/15 22:17:28 | 000,204,800 | ---- | M] () -- c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
MOD - [2004/08/10 04:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/10 04:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2013/02/11 22:37:35 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/01/25 10:00:54 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/08/19 14:43:48 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\VERIZO~1\VZACCE~1\SMNDIS5.SYS -- (SMNDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\BW2NDIS5.sys -- (BW2NDIS5)
DRV - [2011/03/18 08:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2009/08/19 14:44:08 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/19 14:44:08 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/06/07 00:35:30 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2007/07/23 08:23:46 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/07/23 08:23:46 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/07/23 08:23:44 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2006/07/20 12:39:30 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/10/18 12:15:42 | 004,034,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005/09/23 12:26:40 | 001,094,751 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/08/13 21:35:54 | 001,313,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/03/04 10:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/03 21:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/03/08 11:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/01/10 13:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [1996/04/03 11:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80114
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.c...64&gct=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...aspx?tbid=80114
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {63713216-8303-4271-A169-BD5948EA06F4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice...b&orig=IMC-IEDS
IE - HKCU\..\SearchScopes\{63713216-8303-4271-A169-BD5948EA06F4}: "URL" = http://www.google.co...&rlz=1I7ADBF_en
IE - HKCU\..\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1814311
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80114&lng=en
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=FRW
IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://mmb.bingstart...g=2-152-0-1jtkz
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..browser.startup.homepage: "http://redirecturls.info/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
[2009/07/09 20:00:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2009/06/06 17:23:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions\[email protected]
[2009/06/15 10:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\extensions
[2009/06/15 10:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/12/14 21:50:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nkb7live.default\extensions
[2009/09/02 14:07:09 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nkb7live.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/12/01 10:50:20 | 000,002,160 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nkb7live.default\searchplugins\MySpace.xml
[2009/08/11 14:56:07 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
O1 - HOSTS file present but inaccessible!
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Max EN Toolbar) - {72ae8426-3b8d-4ead-b191-8d0ad1c62158} - C:\Program Files\P2P_Max\prxtbP2P2.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Reg Error: Value error.) - {7b572459-3ad0-4a8a-ae0f-0a4ef6306c6f} - C:\WINDOWS\system32\qqjnlwuj.dll File not found
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Reg Error: Value error.) - {DC222CE1-A9F6-45A5-8576-9712FAADC5A2} - C:\WINDOWS\system32\vtsts.dll File not found
O3 - HKLM\..\Toolbar: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Max EN Toolbar) - {72ae8426-3b8d-4ead-b191-8d0ad1c62158} - C:\Program Files\P2P_Max\prxtbP2P2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Max EN Toolbar) - {72AE8426-3B8D-4EAD-B191-8D0AD1C62158} - C:\Program Files\P2P_Max\prxtbP2P2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe (Motive, Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot File not found
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background File not found
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe (Adobe Systems Incorporated)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; MMBSearchToolbar 1.1; GTB6.5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.cartoonne...itz/index.html" File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: att.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: att.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: att.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: sbcglobal.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sbcglobal.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: sbcglobal.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([]https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F7BEEC8-AF55-40B5-8104-23440E52F36E}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msref {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\msref.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\vtuvwvv: DllName - (vtuvwvv.dll) - File not found
O24 - Desktop Components:0 () - http://images-partne...01.LZZZZZZZ.jpg
O24 - Desktop Components:1 () - http://images-partne...otos/Eazy-E.bmp
O24 - Desktop Components:2 () - http://images-partne...a%20Streetz.jpg
O24 - Desktop Components:3 (My Current Home Page) - About:Home
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\vtsts.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/02 08:07:24 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2012/05/10 09:24:22 | 000,000,185 | -HS- | M] () - F:\autorun.bak -- [ FAT32 ]
O32 - AutoRun File - [2013/02/16 20:21:20 | 000,000,245 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{1345d824-4990-11de-8d83-0015f26b1717}\Shell - "" = AutoRun
O33 - MountPoints2\{1345d824-4990-11de-8d83-0015f26b1717}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1345d824-4990-11de-8d83-0015f26b1717}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{3004d0b6-bef7-11dc-8cf2-0015f26b1717}\Shell\AutoRun\command - "" = Autorun.exe /run
O33 - MountPoints2\{3004d0b6-bef7-11dc-8cf2-0015f26b1717}\Shell\Shell00\Command - "" = Autorun.exe /run
O33 - MountPoints2\{3004d0b6-bef7-11dc-8cf2-0015f26b1717}\Shell\Shell01\Command - "" = Autorun.exe /action
O33 - MountPoints2\{3004d0b6-bef7-11dc-8cf2-0015f26b1717}\Shell\Shell02\Command - "" = Autorun.exe /uninstall
O33 - MountPoints2\{57f21ad8-fce3-11e0-b6af-0015f26b1717}\Shell\AutoRun\command - "" = DFG-2352-26235-2322322-624621221-2622255\usbBlock.exe
O33 - MountPoints2\{57f21ad8-fce3-11e0-b6af-0015f26b1717}\Shell\open\command - "" = DFG-2352-26235-2322322-624621221-2622255\usbBlock.exe
O33 - MountPoints2\{bdb1e95c-f02b-11db-8b80-00038a000015}\Shell\AutoRun\command - "" = K:\setupSNK.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/20 22:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2013/02/20 22:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/02/20 22:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2013/02/20 22:19:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/02/20 22:06:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2013/02/16 20:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/02/16 20:09:45 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013/02/11 22:37:11 | 000,697,712 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/11 22:37:10 | 000,074,096 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/11 20:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/02/11 20:33:35 | 004,812,216 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\HP_Administrator\Desktop\system info.exe
[2013/02/11 20:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/11 20:27:26 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/11 20:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/11 20:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\Software basic tools
[2013/02/11 20:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes
[2013/02/11 20:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes
[2013/02/11 19:28:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2013/02/11 19:28:21 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[48 C:\Documents and Settings\HP_Administrator\Application Data\*.tmp files -> C:\Documents and Settings\HP_Administrator\Application Data\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/20 22:39:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2013/02/20 22:27:39 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/20 22:26:45 | 000,000,187 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/02/20 22:24:08 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/20 22:15:34 | 066,150,994 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2013/02/20 22:09:01 | 000,849,256 | ---- | M] () -- C:\logfile
[2013/02/20 22:06:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2013/02/20 22:04:33 | 001,627,136 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2013/02/20 22:04:33 | 000,741,376 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2013/02/20 21:54:59 | 000,000,326 | -HS- | M] () -- C:\WINDOWS\tasks\Digmg.job
[2013/02/20 21:54:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/20 21:54:50 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/20 17:37:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/20 10:52:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/16 20:48:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/16 20:16:20 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/02/16 19:53:16 | 002,142,960 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\installspeedfan447.exe
[2013/02/11 22:37:12 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/11 22:37:10 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/11 20:30:28 | 004,812,216 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\HP_Administrator\Desktop\system info.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[48 C:\Documents and Settings\HP_Administrator\Application Data\*.tmp files -> C:\Documents and Settings\HP_Administrator\Application Data\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/20 21:54:50 | 468,242,432 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/20 11:19:17 | 002,142,960 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\installspeedfan447.exe
[2013/02/16 20:13:02 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/02/11 22:37:51 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/05/19 20:56:52 | 000,000,148 | ---- | C] () -- C:\WINDOWS\winmnsssgr.exe
[2011/04/11 19:57:38 | 000,135,168 | RHS- | C] () -- C:\WINDOWS\System32\aamd532A.dll
[2011/04/05 18:05:18 | 000,000,028 | ---- | C] () -- C:\WINDOWS\p7342234213.exe
[2009/12/25 17:10:09 | 000,054,093 | ---- | C] () -- C:\Program Files\EULA.eng
[2007/10/03 21:10:54 | 000,003,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/11 22:02:41 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\d3d9caps.dat
[2006/07/25 16:19:32 | 000,017,724 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
[2006/01/27 22:50:31 | 000,106,496 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/27 20:41:10 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
========== ZeroAccess Check ==========
[2005/08/31 03:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 20:31:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 02:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/10 04:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 2/20/2013 10:07:08 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
446.48 Mb Total Physical Memory | 27.78 Mb Available Physical Memory | 6.22% Memory free
1.03 Gb Paging File | 0.27 Gb Available in Paging File | 26.20% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 140.54 Gb Total Space | 93.19 Gb Free Space | 66.31% Space Free | Partition Type: NTFS
Drive D: | 8.50 Gb Total Space | 1.11 Gb Free Space | 13.01% Space Free | Partition Type: FAT32
Drive F: | 3.76 Gb Total Space | 0.74 Gb Free Space | 19.65% Space Free | Partition Type: FAT32
Computer Name: JIMENEZ | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"8097:TCP" = 8097:TCP:*:Enabled:EarthLink UHP Modem Support
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed
"C:\Program Files\Common Files\AOL\1138433187\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1138433187\EE\AOLServiceHost.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL
"C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" = C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:P2P Networking
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Documents and Settings\HP_Administrator\My Documents\FrostWire\Saved\FrostWire\FrostWire.exe" = C:\Documents and Settings\HP_Administrator\My Documents\FrostWire\Saved\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\YGZKD3GF\facebook-pic0004820591051-JPEG[1].exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Windows\Temp\Temp20191855126431.exe" = c:\windows\smss.exe:*:Enabled:Windows System Controler
"C:\Windows\Temp\Temp20191855126421.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A6E.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A6F.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A70.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A74.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A75.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A79.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A7B.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A77.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A78.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A7D.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A7E.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A7F.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A82.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\62.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\D9.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\141.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A8A.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A86.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A87.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A88.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A89.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A8D.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A8E.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A93.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\27.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A8F.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\28.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A9C.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A9D.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\A9E.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\AA2.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\AA3.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\AA6.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\AA7.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Documents and Settings\HP_Administrator\Application Data\AA9.tmp" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Windows\Temp\widfafdfasdsf.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Windows\Temp\wdfasasas.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Windows\Temp\Temp4098442.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Windows\Temp\Temp40984142.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Windows\Temp\Temp40454142.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"WindowsUpdate" = C:\Documents and Settings\HP_Administrator\Application Data\msconfig.exe
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{1117F094-E233-4FEA-A3DA-B9E99A37D5E2}" = The Print Shop Resume Pro
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.1
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{382E94C0-6E22-44e4-B003-8EB31DFE296F}" = cp_LightScribeConfig
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{3C0BAFCA-BDB8-492B-8845-DC0A4B4C1823}" = HPDeskjet5400Series
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5E0A11EA-281C-468A-898C-DF4959B6160A}" = MusicVixen Music Manager
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F9D52A-C8D7-4FE8-8510-19FC6CF75BC3}" = Access Drivers
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91477C6F-EC7C-4BFC-BBE1-E45908019DED}" = LightScribe 1.4.52.1
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C104580B-1C79-4d73-9BF0-CA0B184296A4}" = cp_LightScribePlugin
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C83A12B9-B31B-461A-BBD4-CE9B988094F1}" = HP Photosmart Cameras 5.0
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D518592A-0F1E-40ca-BECB-3D3F026C6B0D}" = CameraDrivers
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EB57A16E-500D-43d7-85B9-FBE279EBBA6E}" = HP Deskjet 5400 series
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG Free 8.5
"AwayMode160" = Microsoft Away Mode
"Blubster" = Blubster 2.6.9
"Casino-On-Net" = Casino-On-Net
"EEDInst 99" = Encarta Encyclopedia Deluxe 99
"Encarta Research Organizer 99" = Encarta Research Organizer
"EVG 99" = Encarta Virtual Globe 99
"FrostWire" = FrostWire 4.18.1
"HP Document Viewer" = HP Document Viewer 5.3
"HP Image Zone for Media Center PC" = HP Image Zone for Media Center PC
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.0
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MySpaceToolbar" = MySpace Toolbar
"NSS" = Norton Security Scan
"P2P Networking" = P2P Networking
"P2P_Max Toolbar" = P2P_Max Toolbar
"PCFriendly" = PCFriendly
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"SBC.MCCInstall" = AT&T Self Support Tool
"Search Toolbar" = Search Toolbar
"Speccy" = Speccy
"SpeedFan" = SpeedFan (remove only)
"Suite 99" = Encarta Reference Suite 99
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"blinkx beat" = blinkx beat
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/12/2013 12:03:51 AM | Computer Name = JIMENEZ | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2016
Error - 2/12/2013 12:03:53 AM | Computer Name = JIMENEZ | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 2/12/2013 12:03:53 AM | Computer Name = JIMENEZ | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4172
Error - 2/12/2013 12:03:53 AM | Computer Name = JIMENEZ | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4172
Error - 2/12/2013 12:11:06 AM | Computer Name = JIMENEZ | Source = Application Error | ID = 1000
Description = Faulting application orlolc.exe, version 1.0.0.0, faulting module
orlolc.exe, version 1.0.0.0, fault address 0x0000254e.
Error - 2/12/2013 2:27:18 AM | Computer Name = JIMENEZ | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00c83d30.
Error - 2/13/2013 9:38:40 PM | Computer Name = JIMENEZ | Source = Application Error | ID = 1000
Description = Faulting application orlolc.exe, version 1.0.0.0, faulting module
orlolc.exe, version 1.0.0.0, fault address 0x0000254e.
Error - 2/17/2013 12:22:44 AM | Computer Name = JIMENEZ | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.2180, faulting
module unknown, version 0.0.0.0, fault address 0x00873d30.
Error - 2/17/2013 12:23:34 AM | Computer Name = JIMENEZ | Source = Application Error | ID = 1000
Description = Faulting application orlolc.exe, version 1.0.0.0, faulting module
orlolc.exe, version 1.0.0.0, fault address 0x0000254e.
Error - 2/21/2013 1:58:11 AM | Computer Name = JIMENEZ | Source = Application Error | ID = 1000
Description = Faulting application kbd.exe, version 1.0.2.2, faulting module ntdll.dll,
version 5.1.2600.3520, fault address 0x00018af2.
[ System Events ]
Error - 2/20/2013 3:13:18 PM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2/20/2013 3:14:35 PM | Computer Name = JIMENEZ | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AvgLdx86 AvgMfx86 Fips ftsata2 intelppm
Error - 2/20/2013 3:18:59 PM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/21/2013 1:50:12 AM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/21/2013 1:50:23 AM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/21/2013 1:50:25 AM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/21/2013 1:50:27 AM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/21/2013 1:50:29 AM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/21/2013 1:53:31 AM | Computer Name = JIMENEZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 2/21/2013 1:57:08 AM | Computer Name = JIMENEZ | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2 iaStor IntelIde ViaIde
< End of report >