OTL Extras logfile created on: 12/7/2011 6:30:00 PM - Run 4 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\McBride\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 510.48 Mb Total Physical Memory | 129.18 Mb Available Physical Memory | 25.31% Memory free 1.22 Gb Paging File | 0.88 Gb Available in Paging File | 72.15% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.88 Gb Total Space | 0.12 Gb Free Space | 0.21% Space Free | Partition Type: NTFS Computer Name: PC183211979723 | User Name: McBride | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = ComFile] -- "%1" %* .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00932BE5-CA6B-4239-B9DD-31B5276F6BA7}" = TrendExportBatch 1.1.0 "{02E22217-0E96-4C3F-B831-83AA942B7715}" = UserGuides "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security "{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0 "{15D91706-6ADF-44CF-9D7D-FF2D8ACD2C6F}" = LS_HSI "{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25 "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3215EBED-1D06-42fb-A05C-A752A46FB24C}" = Canon MP530 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 A3 "{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security "{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}" = iTunes "{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}" = Norton Internet Security "{534AA552-E1F1-4965-B2AA-FBDEB0730D60}" = muvee autoProducer 4.0 - SE "{5677563D-0CB1-485f-9E18-C5025306BB3F}" = Norton AntiSpam "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC "{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90180409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 "{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0 "{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = TIxx21 "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security "{AADFE0B9-F905-4d5f-A144-0ADB2EFA747B}" = Norton Internet Security "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1 "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver "{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2005 "{C8F7C1E5-0150-11D6-A96C-00D05908F85D}" = USB Driver "{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}" = Norton Internet Security "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B3 "{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14 "{D327AFC9-7BAA-473A-8319-6EB7A0D40138}" = Symantec Script Blocking Installer "{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}" = CC_ccProxyExt "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security "{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update "{FC08587A-4F01-4188-819F-F55880022917}" = ccPxyCore "{FC2C0536-583C-46c0-844A-62CECAE01F22}" = Norton Internet Security "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "ATI Display Driver" = ATI Display Driver "Canon MP530 User Registration" = Canon MP530 User Registration "CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C" = Data Fax SoftModem with SmartCP "Conexant PCI Audio" = Conexant AC-Link Audio "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-WebPrint" = Easy-WebPrint "Flickr Uploadr" = Flickr Uploadr 2.5.0.15 "HP Pavillion zv6000 User Guides" = HP Pavillion zv6000 User Guides "IDMViewer" = FileNet IDM Viewer 4.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}" = iTunes "InstallShield_{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = Texas Instruments PCIxx21/x515 drivers. "LiveReg" = LiveReg (Symantec Corporation) "LiveUpdate" = LiveUpdate 2.5 (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0 "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6) "MP Navigator 2.2" = Canon MP Navigator 2.2 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Pdf995" = Pdf995 "PdfEdit995" = PdfEdit995 "Signature995" = Signature995 "SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2005 (Symantec Corporation) "SynTPDeinstKey" = Synaptics Pointing Device Driver "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinZip" = WinZip "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 11/25/2011 9:46:33 PM | Computer Name = PC183211979723 | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 11/27/2011 9:32:34 PM | Computer Name = PC183211979723 | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 11/27/2011 9:32:34 PM | Computer Name = PC183211979723 | Source = crypt32 | ID = 131083 Description = Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error - 11/30/2011 8:19:06 PM | Computer Name = PC183211979723 | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/1/2011 4:25:12 AM | Computer Name = PC183211979723 | Source = MsiInstaller | ID = 11311 Description = Product: Microsoft Office Basic Edition 2003 -- Error 1311. Source file not found(cabinet): C:\SwSetup\Off03bas\PA561401.CAB. Verify that the file exists and that you can access it. Error - 12/4/2011 7:54:03 PM | Computer Name = PC183211979723 | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.2.3667, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/5/2011 8:29:50 AM | Computer Name = PC183211979723 | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 12/5/2011 9:42:17 PM | Computer Name = PC183211979723 | Source = Application Error | ID = 1000 Description = Faulting application aswmbr.exe, version 0.9.8.986, faulting module aswmbr.exe, version 0.9.8.986, fault address 0x000045b1. Error - 12/6/2011 8:38:30 PM | Computer Name = PC183211979723 | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: The server name or address could not be resolved Error - 12/6/2011 8:38:35 PM | Computer Name = PC183211979723 | Source = crypt32 | ID = 131080 Description = Failed auto update retrieval of third-party root list sequence number from: with error: This network connection does not exist. [ System Events ] Error - 12/6/2011 10:46:51 PM | Computer Name = PC183211979723 | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 12/6/2011 10:47:52 PM | Computer Name = PC183211979723 | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 12/6/2011 10:48:21 PM | Computer Name = PC183211979723 | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 12/6/2011 10:55:42 PM | Computer Name = PC183211979723 | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 12/7/2011 7:16:56 PM | Computer Name = PC183211979723 | Source = SAVRT | ID = 458772 Description = Unable to initialize the virus scanning engine database files. Error - 12/7/2011 7:17:09 PM | Computer Name = PC183211979723 | Source = Service Control Manager | ID = 7000 Description = The Logitech Process Monitor service failed to start due to the following error: %%2 Error - 12/7/2011 7:17:09 PM | Computer Name = PC183211979723 | Source = Service Control Manager | ID = 7000 Description = The HP Pci Information service failed to start due to the following error: %%3 Error - 12/7/2011 7:17:13 PM | Computer Name = PC183211979723 | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: Lbd SAVRT Error - 12/7/2011 7:20:48 PM | Computer Name = PC183211979723 | Source = SAVRT | ID = 458772 Description = Unable to initialize the virus scanning engine database files. Error - 12/7/2011 7:20:49 PM | Computer Name = PC183211979723 | Source = Service Control Manager | ID = 7000 Description = The SAVRT service failed to start due to the following error: %%31 < End of report >