Happy New Year! Hope 2012 is great for everyone! Sophiekat
-
Thank you for the nice welcome. :) It's great that there are sites to help people when their computers aren't working right. My computer is doing much better. :) Sophiekat
-
Starbuck, :) I want to thank you so much for all your help. I think the other site I was on just had too many people needing help and not enough people to help them. I would certainly recommend this site for anyone needing help with their computer. If I have any more problems I will let you know. Again, thank you. Sophiekat :cool:
-
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Works Update Detection deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Consumer Input Update deleted successfully.
C:\Program Files\Consumer Input\dca-ua.exe moved successfully.
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\AVG\AVG8\log folder moved successfully.
C:\Program Files\AVG\AVG8\cfg folder moved successfully.
C:\Program Files\AVG\AVG8 folder moved successfully.
C:\Program Files\AVG\AVG10\Notification folder moved successfully.
C:\Program Files\AVG\AVG10 folder moved successfully.
C:\Program Files\AVG folder moved successfully.
File\Folder C:\Program Files\LimeWire not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: fedenfam
->Temp folder emptied: 545899085 bytes
->Temporary Internet Files folder emptied: 14096657 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 953 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 2836 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Owner
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 576142 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 679 bytes
Total Files Cleaned = 535.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 12302011_092123
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\~DF2500.tmp not found!
File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\~DF25B7.tmp not found!
File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\~DF2C84.tmp not found!
File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\~DF2E5B.tmp not found!
File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\~DF313E.tmp not found!
File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\~DF318F.tmp not found!
C:\Documents and Settings\fedenfam\Local Settings\Temporary Internet Files\Content.IE5\DN3EUWT4\ads[1].htm moved successfully.
C:\Documents and Settings\fedenfam\Local Settings\Temporary Internet Files\Content.IE5\DHQAENNZ\si[1].htm moved successfully.
C:\Documents and Settings\fedenfam\Local Settings\Temporary Internet Files\Content.IE5\1AP9H9YK\12867-Restarting-problem[1].htm moved successfully.
C:\Documents and Settings\fedenfam\Local Settings\Temporary Internet Files\Content.IE5\1AP9H9YK\si[1].htm moved successfully.
C:\Documents and Settings\fedenfam\Local Settings\Temporary Internet Files\Content.IE5\0ALJD893\ads[4].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Hi, I'm new here. I just joined yesterday. I received help with my PC problem and I am so grateful for it. Sophiekat :cool:
-
Is there anything else I need to do? I have noticed that my PC is running a bit faster than it was, especially on the Internet. It was running rather slow. Thank you for your help and for helping so quickly. :) Sophie

P.S. Hi to you too, Bluesplayer. Thanks for suggesting I come here.
-
I went to "My Pictures" and started scrolling through them, and my computer did not restart itself, so that is a good sign. I'll let you know how it does. Sophie
[2004/08/15 09:20:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\TOPO.INI [2004/05/21 11:14:44 | 000,000,530 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004/05/20 20:25:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\HandStory.ini [2004/05/19 15:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\install2.exe [2004/05/18 16:55:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\0021-bdl94126.EXE [2004/04/02 07:02:04 | 000,000,094 | ---- | C] () -- C:\WINDOWS\regsrv32.dat [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.tif [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.dat [2004/01/17 14:03:50 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat.temp [2004/01/17 14:03:50 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat.temp [2003/12/26 21:30:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\PicView.INI [2003/12/07 18:59:39 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI [2003/10/11 20:31:37 | 000,000,284 | ---- | C] () -- C:\WINDOWS\hegames.ini [2003/09/07 15:05:04 | 000,001,428 | -H-- | C] () -- C:\Program Files\hpothb07.dat [2003/09/07 15:05:03 | 000,005,375 | -H-- | C] () -- C:\Program Files\hpothb07.tif [2003/08/11 18:08:20 | 000,000,148 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2003/08/05 13:36:18 | 000,092,160 | ---- | C] () -- C:\WINDOWS\System32\UnPoker.exe [2003/07/16 15:35:34 | 000,000,809 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2003/07/16 15:35:23 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe [2003/04/16 14:20:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2003/03/05 18:37:29 | 000,000,354 | ---- | C] () -- C:\WINDOWS\ereg077.dat [2003/02/13 19:46:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Prestopm.INI [2003/02/13 16:57:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2003/02/13 16:45:39 | 000,003,719 | ---- | C] () -- C:\WINDOWS\if40.ini [2003/02/13 16:45:39 | 000,000,174 | 
---- | C] () -- C:\WINDOWS\pexplore.ini [2003/02/13 16:44:35 | 000,000,055 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI [2003/02/04 21:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini [2002/12/08 11:21:29 | 000,000,457 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini [2002/10/24 19:33:14 | 000,000,556 | ---- | C] () -- C:\WINDOWS\eReg.dat [2002/10/22 19:08:49 | 000,000,205 | ---- | C] () -- C:\WINDOWS\qtw.ini [2002/10/01 15:43:37 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2002/10/01 15:43:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2002/10/01 15:43:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2002/10/01 15:43:30 | 000,000,309 | ---- | C] () -- C:\WINDOWS\EReg515.dat [2002/10/01 15:40:12 | 000,000,971 | ---- | C] () -- C:\WINDOWS\disney.ini [2002/10/01 15:39:43 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2002/06/21 17:53:28 | 000,000,087 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2002/06/21 17:53:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2002/06/16 07:54:42 | 000,000,022 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI [2002/06/16 07:54:22 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2002/06/16 07:54:06 | 000,000,524 | ---- | C] () -- C:\WINDOWS\PSDWIN.INI [2002/05/31 21:32:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2002/05/16 20:34:16 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI [2002/05/16 20:33:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2002/04/30 19:55:02 | 000,000,008 | -H-- | C] () -- C:\WINDOWS\ssitid.dat [2002/04/30 19:48:53 | 000,037,364 | ---- | C] () -- C:\WINDOWS\freedom.backup.dat [2002/04/13 17:54:15 | 000,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI [2002/04/11 11:28:03 | 000,000,596 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2002/04/11 11:27:38 | 004,700,056 | ---- | C] () -- C:\WINDOWS\Pacific Coasts Screen Savers .dat [2002/04/11 11:27:11 | 001,554,637 | ---- | C] () -- C:\WINDOWS\Space 
Screen Savers .dat [2002/04/11 11:26:15 | 011,280,733 | ---- | C] () -- C:\WINDOWS\Majestic Mountains Rivers and Waterfalls Screen Sa.dat [2002/04/11 11:25:45 | 001,643,542 | ---- | C] () -- C:\WINDOWS\Landmarks Screen Savers .dat [2002/04/11 11:25:31 | 009,175,824 | ---- | C] () -- C:\WINDOWS\Animals of America screen saver.dat [2002/04/11 11:24:41 | 008,290,006 | ---- | C] () -- C:\WINDOWS\US Cities.dat [2002/04/11 11:24:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe [2002/04/11 11:23:47 | 000,000,010 | ---- | C] () -- C:\WINDOWS\4discbib.ini [2002/04/11 11:23:47 | 000,000,007 | ---- | C] () -- C:\WINDOWS\gbaform1.ini [2002/04/09 07:46:43 | 000,060,464 | R--- | C] () -- C:\WINDOWS\System32\tlcsel32.dll [2002/04/09 07:46:43 | 000,016,540 | R--- | C] () -- C:\WINDOWS\System32\tlcsel17.dll [2001/11/09 10:41:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2001/11/08 19:43:04 | 000,000,562 | ---- | C] () -- C:\WINDOWS\System32\Px.ini [2001/11/06 18:50:47 | 000,082,864 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE [2001/11/06 18:50:46 | 000,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL [2001/11/06 18:50:46 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll [2001/11/06 18:46:13 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.0.153.exe [2001/11/06 18:45:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL [2001/11/06 18:45:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll [2001/11/06 18:37:54 | 000,009,876 | ---- | C] () -- C:\WINDOWS\System32\usbbc.sys [2001/11/06 18:37:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\InstallDriver.exe [2001/11/06 18:21:26 | 000,000,515 | ---- | C] () -- C:\WINDOWS\fantasy2.ini [2001/11/06 18:21:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\album.ini [2001/11/06 18:21:26 | 000,000,008 | ---- | C] () -- C:\WINDOWS\pstudio.ini [2001/11/06 17:50:13 | 000,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll [2001/11/06 17:50:13 | 000,065,536 | ---- 
| C] () -- C:\WINDOWS\System32\PyWinTypes15.dll [2001/11/06 17:49:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2001/11/06 13:40:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\orun32.ini [2001/11/06 13:39:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2001/11/06 13:32:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2001/11/06 13:31:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2001/11/06 05:27:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2001/11/06 05:26:54 | 000,235,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2001/11/06 05:21:55 | 000,000,649 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2001/11/06 05:21:27 | 000,434,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/11/06 05:21:27 | 000,068,624 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/11/06 05:21:25 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/11/06 05:21:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/17 21:38:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2001/08/17 12:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/08/17 12:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/08/17 12:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/08/08 06:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll [2001/08/07 17:07:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll [2001/07/21 13:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/07/21 13:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/07/21 13:24:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2000/12/29 09:34:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [1997/06/13 16:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll < End of report > OTL 
Extras logfile created on: 12/29/2011 1:36:35 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 509.98 Mb Total Physical Memory | 134.63 Mb Available Physical Memory | 26.40% Memory free 978.39 Mb Paging File | 520.87 Mb Available in Paging File | 53.24% Paging File free Paging file location(s): C:\pagefile.sys 500 900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.60 Gb Total Space | 13.25 Gb Free Space | 40.63% Space Free | Partition Type: NTFS Computer Name: HP | User Name: fedenfam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital 
Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\support.com\bin\tgcmd.exe" = C:\Program Files\support.com\bin\tgcmd.exe:*:Disabled:Support.com Scheduler and Command Dispatcher "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire "C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Ahead software AG) "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! 
Messenger "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail "C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{10deb052-db5d-32a6-9ff2-200e810d1a7b}" = Kiwee Toolbar for Firefox "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar "{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components 
Installer "{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java 7 Update 2 "{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply "{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{343DB62F-891F-45EC-BED3-E2F56CEB1B7C}" = Adobe Flash Player 10 Plugin "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3 "{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{57764780-E33B-11D1-96ED-00A024A83A15}" = Kensington MouseWorks "{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter "{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software "{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8aade841-03c5-486a-b048-bb112cc0cac5}" = egreetings.com Toolbar for Internet Explorer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min "{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF7DB138-76ED-4E17-8764-1AAE1792F30F}" = Sony MP3 Conversion Tool "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService "{D79113E7-274C-470B-BD46-01B10219DF6A}" = 
HPPhotosmartEssential "{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack "{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help "{F93D2591-8201-4692-BD8D-67A0BFAC9C14}" = SweetIM Toolbar for Internet Explorer 3.9 "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "America Online us" = America Online "avast" = avast! Free Antivirus "BackWeb-137903 Uninstaller" = hp center "Card Games" = Card Games "CCleaner" = CCleaner (remove only) "Google Updater" = Google Updater "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 11.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0 "HPExtendedCapabilities" = HP Customer Participation Program 11.0 "ie8" = Windows Internet Explorer 8 "Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only) "IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar "Macromedia Shockwave Player" = Macromedia Shockwave Player "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "MGI PhotoSuite Mobile Edition" = MGI PhotoSuite Mobile Edition (Remove only) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MUSICMATCH Jukebox" = MUSICMATCH Jukebox "Nero PhotoShow Express" = Nero PhotoShow Express 
"NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "PCDoctor" = PC-Doctor for Windows "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "RealPlayer 15.0" = RealPlayer "Scanport Applications" = Presto! PageManager "Searchqu MediaBar" = Windows Searchqu Toolbar "Shop for HP Supplies" = Shop for HP Supplies "Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows "The Weather Channel Desktop 6" = The Weather Channel Desktop 6 "TOPO!" = TOPO! "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Works2002Setup" = Microsoft Works and Money 2002 Setup Launcher "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Consumer Input Software" = Consumer Input Software (remove only) "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 8/17/2011 8:49:54 PM | Computer Name = HP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb. Error - 8/17/2011 8:50:07 PM | Computer Name = HP | Source = Application Error | ID = 1001 Description = Fault bucket 1228147305. Error - 8/17/2011 9:02:58 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application Weather.exe, version 6.7.0.17, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Error - 8/17/2011 9:04:21 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 517211759.

Error - 8/18/2011 12:20:21 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/18/2011 12:20:40 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/20/2011 2:09:49 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/20/2011 2:11:06 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/20/2011 2:17:44 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/20/2011 2:18:12 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

[ System Events ]
Error - 12/29/2011 2:50:02 PM | Computer Name = HP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error: %%126

Error - 12/29/2011 2:50:02 PM | Computer Name = HP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error: %%126

Error - 12/29/2011 2:52:30 PM | Computer Name = HP | Source = Print | ID = 23
Description = Printer Lexmark 640 Series,0 failed to initialize because a suitable Lexmark 640 Series driver could not be found.

Error - 12/29/2011 2:53:28 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = The ONSIO service failed to start due to the following error: %%2

Error - 12/29/2011 2:54:57 PM | Computer Name = HP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 12/29/2011 2:54:57 PM | Computer Name = HP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI

Error - 12/29/2011 5:20:10 PM | Computer Name = HP | Source = Print | ID = 23
Description = Printer Lexmark 640 Series,0 failed to initialize because a suitable Lexmark 640 Series driver could not be found.

Error - 12/29/2011 5:21:20 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = The ONSIO service failed to start due to the following error: %%2

Error - 12/29/2011 5:22:43 PM | Computer Name = HP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 12/29/2011 5:22:43 PM | Computer Name = HP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI

< End of report >
-
OTL logfile created on: 12/29/2011 1:36:35 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 134.63 Mb Available Physical Memory | 26.40% Memory free
978.39 Mb Paging File | 520.87 Mb Available in Paging File | 53.24% Paging File free
Paging file location(s): C:\pagefile.sys 500 900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 13.25 Gb Free Space | 40.63% Space Free | Partition Type: NTFS

Computer Name: HP | User Name: fedenfam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Documents and Settings\fedenfam\Desktop\OTL.scr (OldTimer Tools)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe (AG Interactive)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SYSTEM32\exshow95.exe (Kensington Technology Group)
PRC - C:\WINDOWS\SYSTEM32\PackethSvc.exe (America Online, Inc.)
========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\11122900\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11122900\aswRep.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\WINDOWS\SYSTEM32\quartz.dll ()
MOD - C:\Program Files\UnifiedToolbar\3.2\IE\JsonExSerializer.dll ()
MOD - C:\WINDOWS\SYSTEM32\msdmo.dll ()
MOD - C:\WINDOWS\SYSTEM32\devenum.dll ()

========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- File not found
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AGCoreService) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe (AG Interactive)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (PackethSvc) -- C:\WINDOWS\SYSTEM32\PackethSvc.exe (America Online, Inc.)

========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\SYSTEM32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (ltmodem5) -- C:\WINDOWS\SYSTEM32\drivers\ltmdmnt.sys (LT)
DRV - (DCamUSBSQTECH) Dual-Mode DSC(2770) -- C:\WINDOWS\SYSTEM32\drivers\SQCaptur.sys (Service & Quality Technology.)
DRV - (Freedom) -- C:\WINDOWS\freedom.backup.dat ()
DRV - (NETMDUSB) -- C:\WINDOWS\SYSTEM32\drivers\NETMDUSB.sys (Sony Corporation)
DRV - (PalmUSBD) -- C:\WINDOWS\SYSTEM32\drivers\PalmUSBD.sys (Palm, Inc.)
DRV - (ousb2hub) -- C:\WINDOWS\SYSTEM32\drivers\ousb2hub.sys (OrangeWare Corporation)
DRV - (ousbehci) -- C:\WINDOWS\SYSTEM32\drivers\ousbehci.sys (OrangeWare Corporation)
DRV - (S3SavageNB) -- C:\WINDOWS\SYSTEM32\drivers\s3gNBm.sys (S3 Graphics, Inc.)
DRV - (pfc) -- C:\WINDOWS\SYSTEM32\drivers\pfc.sys (Padus, Inc.)
DRV - (KMW_SYS) -- C:\WINDOWS\SYSTEM32\drivers\KMW_SYS.sys (Kensington Technology Group)
DRV - (KID_SYS) -- C:\WINDOWS\SYSTEM32\drivers\kid_sys.sys (Kensington Technology Group)
DRV - (ms_mpu401) -- C:\WINDOWS\SYSTEM32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (nv4) -- C:\WINDOWS\SYSTEM32\drivers\nv4.sys (NVIDIA Corporation)
DRV - (wandrv) -- C:\WINDOWS\SYSTEM32\drivers\wandrv.sys (America Online, Inc.)
DRV - (i81x) -- C:\WINDOWS\SYSTEM32\drivers\i81xnt5.sys (Intel® Corporation)
DRV - (iAimFP0) -- C:\WINDOWS\SYSTEM32\drivers\wADV01nt.sys (Intel® Corporation)
DRV - (iAimFP1) -- C:\WINDOWS\SYSTEM32\drivers\wADV02NT.sys (Intel® Corporation)
DRV - (iAimFP2) -- C:\WINDOWS\SYSTEM32\drivers\wADV05NT.sys (Intel® Corporation)
DRV - (iAimFP4) -- C:\WINDOWS\SYSTEM32\drivers\wVchNTxx.sys (Intel® Corporation)
DRV - (iAimFP3) -- C:\WINDOWS\SYSTEM32\drivers\wSiINTxx.sys (Intel® Corporation)
DRV - (iAimTV3) -- C:\WINDOWS\SYSTEM32\drivers\wATV04nt.sys (Intel® Corporation)
DRV - (iAimTV0) -- C:\WINDOWS\SYSTEM32\drivers\wATV01nt.sys (Intel® Corporation)
DRV - (iAimTV4) -- C:\WINDOWS\SYSTEM32\drivers\wCh7xxNT.sys (Intel® Corporation)
DRV - (iAimTV1) -- C:\WINDOWS\SYSTEM32\drivers\wATV02NT.sys (Intel® Corporation)
DRV - (Ps2) -- C:\WINDOWS\SYSTEM32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (PcdrNt) -- C:\WINDOWS\System32\drivers\PcdrNt.sys (PC-Doctor Inc.)
DRV - (SMPLSCSI) -- C:\WINDOWS\System32\drivers\SMPLSCSI.SYS (OnSpec Electronic, Inc.)
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/11/03 15:10:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\toolbar@kiwee.com: C:\Program Files\Kiwee Toolbar\2.8.167\firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\unifiedtoolbar@aginteractive.com: C:\Program Files\UnifiedToolbar\3.2\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CF21F2A2-B12F-4A69-8F63-1F8459A0C002}: C:\Documents and Settings\fedenfam\Local Settings\Application Data\{CF21F2A2-B12F-4A69-8F63-1F8459A0C002}\ [2010/12/10 10:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/30 16:01:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/11/03 15:10:30 | 000,000,000 | ---D | M]

[2011/04/19 16:02:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\fedenfam\Application Data\Mozilla\Extensions

O1 HOSTS File: ([2011/12/29 09:49:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EXSHOW95.EXE] C:\WINDOWS\System32\exshow95.exe (Kensington Technology Group)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\SYSTEM32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [s3TRAY2] C:\WINDOWS\System32\S3tray2.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.)
O4 - HKCU..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe File not found
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01D1C6CD-6D44-46B6-BA89-10155A459FBE}: DhcpNameServer = 15.60.103.1 15.60.103.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86ED904F-65B3-4B61-AB9E-522658395BDC}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 () - http://morepictures.com/images/main/hawaiisurf.jpg
O24 - Desktop Components:1 () - http://morepictures.com/images/main/diamond1.jpg
O24 - Desktop Components:2 () - http://morepictures.com/images/main/hawaiipalms.jpg
O24 - Desktop Components:3 () - http://images.google.com/images?q=tbn:9evOA2dfAXIJ:www.instant-art.com/catalog-safetysigns/prohibition/images/proh007-fork%2520lifts.jpg
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\fedenfam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\fedenfam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/23 18:55:07 | 000,001,688 | ---- | M] () - C:\AUTOEXEC.NT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/29 13:28:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Application Data\PriceGong
[2011/12/29 13:25:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\Sun
[2011/12/29 11:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/12/29 11:13:10 | 000,141,312 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2011/12/29 11:13:07 | 000,223,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2011/12/29 11:13:07 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2011/12/29 11:13:07 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2011/12/29 11:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/29 11:06:46 | 020,290,952 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\fedenfam\Desktop\jre-7u2-windows-i586.exe
[2011/12/29 10:37:50 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2011/12/29 09:47:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/28 20:41:58 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\fedenfam\Desktop\OTL.scr
[2011/12/28 16:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Application Data\Malwarebytes
[2011/12/28 16:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/28 16:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/28 16:21:08 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/28 16:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/08 11:54:45 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\fedenfam\Desktop\dds.com
[2011/12/06 13:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Start Menu\Programs\HiJackThis
[2011/12/06 10:53:51 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Documents and Settings\fedenfam\Desktop\SysInfo.exe
[2011/12/01 13:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Consumer Input
[2011/11/30 16:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/11/30 16:00:28 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/11/30 15:59:21 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/11/30 15:59:21 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/11/30 15:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2011/11/30 15:59:12 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/02/21 11:55:32 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\log4cxx.dll

========== Files - Modified Within 30 Days ==========

[2011/12/29 13:23:21 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/12/29 13:20:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-334337264-1445258045-1803559485-1007.job
[2011/12/29 13:20:00 | 000,000,189 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2011/12/29 13:19:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/29 13:19:38 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/29 12:00:07 | 000,000,368 | ---- | M] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job
[2011/12/29 11:24:04 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/12/29 11:11:42 | 000,223,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2011/12/29 11:11:42 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2011/12/29 11:11:42 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2011/12/29 11:11:42 | 000,141,312 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2011/12/29 11:11:41 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2011/12/29 11:11:41 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2011/12/29 11:07:07 | 020,290,952 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\fedenfam\Desktop\jre-7u2-windows-i586.exe
[2011/12/29 09:49:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/12/28 20:42:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\fedenfam\Desktop\OTL.scr
[2011/12/28 19:46:29 | 000,000,596 | ---- | M] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2011/12/28 16:21:21 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 16:06:05 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-334337264-1445258045-1803559485-1007.job
[2011/12/27 16:49:15 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIES BIRTHDAYS.wps
[2011/12/24 12:38:02 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\GOD'S CHRISTMAS PRESENT.wps
[2011/12/23 16:23:28 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\WHO THREW THE OVERALLS.wps
[2011/12/22 20:37:16 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\THREE WISE WOMEN.wps
[2011/12/22 20:35:07 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\TOUCHING CHRISTMAS POEM.wps
[2011/12/17 15:22:28 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Weather Channel Desktop .lnk
[2011/12/15 09:07:53 | 000,235,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 08:49:26 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 10:07:51 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\MY JEOPARDY ANSWERS.wps
[2011/12/14 09:29:56 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\WORSHIP JANUARY 1.wps
[2011/12/12 16:36:54 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\MY JEOPARDY QUESTIONS.wps
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/08 11:56:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\fedenfam\Desktop\dds.com
[2011/12/06 16:59:51 | 000,013,192 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps.rtf
[2011/12/06 16:59:26 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps
[2011/12/06 15:04:37 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.lnk
[2011/12/06 13:18:38 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.msi
[2011/12/06 10:54:43 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Documents and Settings\fedenfam\Desktop\SysInfo.exe
[2011/12/03 13:47:30 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\THE FIRST NOEL KEY OF Bb.wps
[2011/12/02 20:43:38 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\O COME LET US ADORE HIM KEY OF Eb.wps
[2011/12/01 21:00:54 | 000,000,201 | -HS- | M] () -- C:\BOOT.INI
[2011/11/30 20:02:44 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/30 16:03:30 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/11/30 16:00:29 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/11/30 15:59:21 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/11/30 15:59:21 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/11/30 15:59:12 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/11/30 15:44:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\fedenfam\Ÿ¡Ÿ¡

========== Files Created - No Company Name ==========

[2011/12/28 16:21:21 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/24 12:34:18 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\GOD'S CHRISTMAS PRESENT.wps
[2011/12/21 17:19:51 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\TOUCHING CHRISTMAS POEM.wps
[2011/12/17 15:53:35 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\THREE WISE WOMEN.wps
[2011/12/15 08:16:33 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 09:26:44 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\WORSHIP JANUARY 1.wps
[2011/12/06 16:59:51 | 000,013,192 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps.rtf
[2011/12/06 13:24:29 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.lnk
[2011/12/06 13:17:35 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.msi
[2011/12/05 17:44:42 | 000,035,353 | ---- | C] () -- C:\WINDOWS\_detmp.1
[2011/12/03 13:03:29 | 000,201,216 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\THE FIRST NOEL KEY OF Bb.wps
[2011/12/02 20:43:37 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\O COME LET US ADORE HIM KEY OF Eb.wps
[2011/11/30 16:03:30 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/02/21 11:56:10 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\ie_runner_app.exe
[2011/02/21 11:56:10 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\common_functions.dll
[2011/01/27 15:04:01 | 000,019,521 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2010/12/29 10:56:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\prvlcl.dat
[2010/06/11 13:28:30 | 000,165,432 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2010/06/11 13:28:30 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2008/11/03 16:13:37 | 000,165,256 | ---- | C] () -- C:\WINDOWS\hpoins28.dat.temp
[2008/11/03 16:13:36 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat.temp
[2008/10/31 15:33:22 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2008/10/31 15:33:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2008/07/06 19:00:03 | 000,000,308 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/01/02 21:18:55 | 000,001,595 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/12/24 23:02:24 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/12/21 13:40:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/09/14 12:02:58 | 000,002,219 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2005/08/17 16:11:46 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2005/08/17 16:11:46 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2005/05/09 16:17:36 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2005/05/08 21:27:56 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/05/08 20:31:29 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/03/05 14:42:46 | 000,069,632 | R--- | C] () -- C:\WINDOWS\ST1_Un0.exe
[2004/12/03 17:27:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\infamous_downloader.exe
[2004/12/01 21:23:12 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/11/28 13:41:01 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/15 09:20:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\TOPO.INI [2004/05/21 11:14:44 | 000,000,530 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004/05/20 20:25:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\HandStory.ini [2004/05/19 15:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\install2.exe [2004/05/18 16:55:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\0021-bdl94126.EXE [2004/04/02 07:02:04 | 000,000,094 | ---- | C] () -- C:\WINDOWS\regsrv32.dat [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.tif [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.dat [2004/01/17 14:03:50 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat.temp [2004/01/17 14:03:50 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat.temp [2003/12/26 21:30:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\PicView.INI [2003/12/07 18:59:39 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI [2003/10/11 20:31:37 | 000,000,284 | ---- | C] () -- C:\WINDOWS\hegames.ini [2003/09/07 15:05:04 | 000,001,428 | -H-- | C] () -- C:\Program Files\hpothb07.dat [2003/09/07 15:05:03 | 000,005,375 | -H-- | C] () -- C:\Program Files\hpothb07.tif [2003/08/11 18:08:20 | 000,000,148 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2003/08/05 13:36:18 | 000,092,160 | ---- | C] () -- C:\WINDOWS\System32\UnPoker.exe [2003/07/16 15:35:34 | 000,000,809 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2003/07/16 15:35:23 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe [2003/04/16 14:20:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2003/03/05 18:37:29 | 000,000,354 | ---- | C] () -- C:\WINDOWS\ereg077.dat [2003/02/13 19:46:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Prestopm.INI [2003/02/13 16:57:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2003/02/13 16:45:39 | 000,003,719 | ---- | C] () -- C:\WINDOWS\if40.ini [2003/02/13 16:45:39 | 000,000,174 | 
---- | C] () -- C:\WINDOWS\pexplore.ini [2003/02/13 16:44:35 | 000,000,055 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI [2003/02/04 21:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini [2002/12/08 11:21:29 | 000,000,457 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini [2002/10/24 19:33:14 | 000,000,556 | ---- | C] () -- C:\WINDOWS\eReg.dat [2002/10/22 19:08:49 | 000,000,205 | ---- | C] () -- C:\WINDOWS\qtw.ini [2002/10/01 15:43:37 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2002/10/01 15:43:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2002/10/01 15:43:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2002/10/01 15:43:30 | 000,000,309 | ---- | C] () -- C:\WINDOWS\EReg515.dat [2002/10/01 15:40:12 | 000,000,971 | ---- | C] () -- C:\WINDOWS\disney.ini [2002/10/01 15:39:43 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2002/06/21 17:53:28 | 000,000,087 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2002/06/21 17:53:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2002/06/16 07:54:42 | 000,000,022 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI [2002/06/16 07:54:22 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2002/06/16 07:54:06 | 000,000,524 | ---- | C] () -- C:\WINDOWS\PSDWIN.INI [2002/05/31 21:32:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2002/05/16 20:34:16 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI [2002/05/16 20:33:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2002/04/30 19:55:02 | 000,000,008 | -H-- | C] () -- C:\WINDOWS\ssitid.dat [2002/04/30 19:48:53 | 000,037,364 | ---- | C] () -- C:\WINDOWS\freedom.backup.dat [2002/04/13 17:54:15 | 000,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI [2002/04/11 11:28:03 | 000,000,596 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2002/04/11 11:27:38 | 004,700,056 | ---- | C] () -- C:\WINDOWS\Pacific Coasts Screen Savers .dat [2002/04/11 11:27:11 | 001,554,637 | ---- | C] () -- C:\WINDOWS\Space 
Screen Savers .dat [2002/04/11 11:26:15 | 011,280,733 | ---- | C] () -- C:\WINDOWS\Majestic Mountains Rivers and Waterfalls Screen Sa.dat [2002/04/11 11:25:45 | 001,643,542 | ---- | C] () -- C:\WINDOWS\Landmarks Screen Savers .dat [2002/04/11 11:25:31 | 009,175,824 | ---- | C] () -- C:\WINDOWS\Animals of America screen saver.dat [2002/04/11 11:24:41 | 008,290,006 | ---- | C] () -- C:\WINDOWS\US Cities.dat [2002/04/11 11:24:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe [2002/04/11 11:23:47 | 000,000,010 | ---- | C] () -- C:\WINDOWS\4discbib.ini [2002/04/11 11:23:47 | 000,000,007 | ---- | C] () -- C:\WINDOWS\gbaform1.ini [2002/04/09 07:46:43 | 000,060,464 | R--- | C] () -- C:\WINDOWS\System32\tlcsel32.dll [2002/04/09 07:46:43 | 000,016,540 | R--- | C] () -- C:\WINDOWS\System32\tlcsel17.dll [2001/11/09 10:41:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2001/11/08 19:43:04 | 000,000,562 | ---- | C] () -- C:\WINDOWS\System32\Px.ini [2001/11/06 18:50:47 | 000,082,864 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE [2001/11/06 18:50:46 | 000,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL [2001/11/06 18:50:46 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll [2001/11/06 18:46:13 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.0.153.exe [2001/11/06 18:45:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL [2001/11/06 18:45:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll [2001/11/06 18:37:54 | 000,009,876 | ---- | C] () -- C:\WINDOWS\System32\usbbc.sys [2001/11/06 18:37:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\InstallDriver.exe [2001/11/06 18:21:26 | 000,000,515 | ---- | C] () -- C:\WINDOWS\fantasy2.ini [2001/11/06 18:21:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\album.ini [2001/11/06 18:21:26 | 000,000,008 | ---- | C] () -- C:\WINDOWS\pstudio.ini [2001/11/06 17:50:13 | 000,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll [2001/11/06 17:50:13 | 000,065,536 | ---- 
| C] () -- C:\WINDOWS\System32\PyWinTypes15.dll [2001/11/06 17:49:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2001/11/06 13:40:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\orun32.ini [2001/11/06 13:39:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2001/11/06 13:32:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2001/11/06 13:31:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2001/11/06 05:27:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2001/11/06 05:26:54 | 000,235,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2001/11/06 05:21:55 | 000,000,649 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2001/11/06 05:21:27 | 000,434,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/11/06 05:21:27 | 000,068,624 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/11/06 05:21:25 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/11/06 05:21:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/17 21:38:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2001/08/17 12:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/08/17 12:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/08/17 12:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/08/08 06:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll [2001/08/07 17:07:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll [2001/07/21 13:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/07/21 13:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/07/21 13:24:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2000/12/29 09:34:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [1997/06/13 16:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll < End of report > OTL 
Extras logfile created on: 12/29/2011 1:36:35 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 509.98 Mb Total Physical Memory | 134.63 Mb Available Physical Memory | 26.40% Memory free 978.39 Mb Paging File | 520.87 Mb Available in Paging File | 53.24% Paging File free Paging file location(s): C:\pagefile.sys 500 900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.60 Gb Total Space | 13.25 Gb Free Space | 40.63% Space Free | Partition Type: NTFS Computer Name: HP | User Name: fedenfam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital 
Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\support.com\bin\tgcmd.exe" = C:\Program Files\support.com\bin\tgcmd.exe:*:Disabled:Support.com Scheduler and Command Dispatcher "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire "C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Ahead software AG) "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! 
Messenger "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail "C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{10deb052-db5d-32a6-9ff2-200e810d1a7b}" = Kiwee Toolbar for Firefox "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar "{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components 
Installer "{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java 7 Update 2 "{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply "{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{343DB62F-891F-45EC-BED3-E2F56CEB1B7C}" = Adobe Flash Player 10 Plugin "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3 "{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{57764780-E33B-11D1-96ED-00A024A83A15}" = Kensington MouseWorks "{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter "{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software "{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8aade841-03c5-486a-b048-bb112cc0cac5}" = egreetings.com Toolbar for Internet Explorer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min "{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF7DB138-76ED-4E17-8764-1AAE1792F30F}" = Sony MP3 Conversion Tool "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService "{D79113E7-274C-470B-BD46-01B10219DF6A}" = 
HPPhotosmartEssential "{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack "{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help "{F93D2591-8201-4692-BD8D-67A0BFAC9C14}" = SweetIM Toolbar for Internet Explorer 3.9 "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "America Online us" = America Online "avast" = avast! Free Antivirus "BackWeb-137903 Uninstaller" = hp center "Card Games" = Card Games "CCleaner" = CCleaner (remove only) "Google Updater" = Google Updater "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 11.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0 "HPExtendedCapabilities" = HP Customer Participation Program 11.0 "ie8" = Windows Internet Explorer 8 "Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only) "IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar "Macromedia Shockwave Player" = Macromedia Shockwave Player "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "MGI PhotoSuite Mobile Edition" = MGI PhotoSuite Mobile Edition (Remove only) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MUSICMATCH Jukebox" = MUSICMATCH Jukebox "Nero PhotoShow Express" = Nero PhotoShow Express 
"NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "PCDoctor" = PC-Doctor for Windows "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "RealPlayer 15.0" = RealPlayer "Scanport Applications" = Presto! PageManager "Searchqu MediaBar" = Windows Searchqu Toolbar "Shop for HP Supplies" = Shop for HP Supplies "Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows "The Weather Channel Desktop 6" = The Weather Channel Desktop 6 "TOPO!" = TOPO! "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Works2002Setup" = Microsoft Works and Money 2002 Setup Launcher "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Consumer Input Software" = Consumer Input Software (remove only) "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 8/17/2011 8:49:54 PM | Computer Name = HP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb. Error - 8/17/2011 8:50:07 PM | Computer Name = HP | Source = Application Error | ID = 1001 Description = Fault bucket 1228147305. Error - 8/17/2011 9:02:58 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application Weather.exe, version 6.7.0.17, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Error - 8/17/2011 9:04:21 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 517211759. Error - 8/18/2011 12:20:21 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/18/2011 12:20:40 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. Error - 8/20/2011 2:09:49 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/20/2011 2:11:06 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. Error - 8/20/2011 2:17:44 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/20/2011 2:18:12 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. [ System Events ] Error - 12/29/2011 2:50:02 PM | Computer Name = HP | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 12/29/2011 2:50:02 PM | Computer Name = HP | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 12/29/2011 2:52:30 PM | Computer Name = HP | Source = Print | ID = 23 Description = Printer Lexmark 640 Series,0 failed to initialize because a suitable Lexmark 640 Series driver could not be found. 
Error - 12/29/2011 2:53:28 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000 Description = The ONSIO service failed to start due to the following error: %%2 Error - 12/29/2011 2:54:57 PM | Computer Name = HP | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/29/2011 2:54:57 PM | Computer Name = HP | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI Error - 12/29/2011 5:20:10 PM | Computer Name = HP | Source = Print | ID = 23 Description = Printer Lexmark 640 Series,0 failed to initialize because a suitable Lexmark 640 Series driver could not be found. Error - 12/29/2011 5:21:20 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000 Description = The ONSIO service failed to start due to the following error: %%2 Error - 12/29/2011 5:22:43 PM | Computer Name = HP | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/29/2011 5:22:43 PM | Computer Name = HP | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI < End of report >
-
Oh, one more thing. I can't locate the IMesh MediaBar in the add/remove. I see one that says Mediabar. Is that it? Sophiekat
-
Never mind. I got it to work and have downloaded it. Sophiekat
-
I deleted the programs you mentioned above, but I am having trouble with the Java. I went to the site you posted above to update it, but I don't know what to click on. I clicked on the one that says Download JRE, but it wouldn't go to the page. Help Sophiekat
-
All processes killed Error: Unable to interpret <Code:> in the current context! ========== OTL ========== Service Winkebo stopped successfully! Service Winkebo deleted successfully! File File not found not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}\ deleted successfully. C:\Program Files\Consumer Input\dca-bho.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}\ deleted successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91917DC6-93B9-4E62-B2D6-D39C9618C418}\ deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91917DC6-93B9-4E62-B2D6-D39C9618C418}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FF99715-3016-4381-84CE-E4E4C9673020} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}\ not found. File C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSWheel deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\windows auto update deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Works Update Detection deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\regsrv32.exe deleted successfully. C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk moved successfully. C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp center.lnk moved successfully. C:\Documents and Settings\fedenfam\Start Menu\Programs\Startup\HandStory.lnk moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{669B269B-0D4E-41FB-A3D8-FD67CA94F646}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{669B269B-0D4E-41FB-A3D8-FD67CA94F646}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6C8741AB-53B4-476e-BE7C-F519AD8A6494}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C8741AB-53B4-476e-BE7C-F519AD8A6494}\ not found. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6C8741AB-53B4-476e-BE7C-F519AD8A6494}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C8741AB-53B4-476e-BE7C-F519AD8A6494}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8828075D-D097-4055-AA02-2DBFA9D85E8A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8828075D-D097-4055-AA02-2DBFA9D85E8A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{97809617-3937-4F84-B335-9BB05EF1A8D4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97809617-3937-4F84-B335-9BB05EF1A8D4}\ not found. Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\WINDOWS\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Starting removal of ActiveX control CabBuilder Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\CabBuilder\ not found. File oft XML Parser for Java http://file://C:\WINDOWS\Java\classes\xmldso.cab not found. Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. C:\WINDOWS\SYSTEM32\Ÿ¡Ÿ¡ moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Bwijuro\ deleted successfully. 
========== FILES ========== C:\Program Files\Windows Searchqu Toolbar\ToolBar\components folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\options folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\skin folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.http://www.3.YouTube.1217 folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.http://www.3.Twitter.1257 folder moved successfully. 
C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.http://www.3.Twitter.1255 folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.http://www.3.Twitter.1227 folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\modules folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\lib folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\data folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar\chrome folder moved successfully. C:\Program Files\Windows Searchqu Toolbar\ToolBar folder moved successfully. C:\Program Files\Windows Searchqu Toolbar folder moved successfully. < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Documents and Settings\fedenfam\Desktop\cmd.bat deleted successfully. C:\Documents and Settings\fedenfam\Desktop\cmd.txt deleted successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 14394565 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: fedenfam ->Temp folder emptied: 59927205 bytes ->Temporary Internet Files folder emptied: 47476362 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 527 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 6535807 bytes ->Flash cache emptied: 466 bytes User: NetworkService ->Temp folder emptied: 1261418 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Owner %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 39097 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1920883 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 226670437 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 594636 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 342.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.31.0 log created on 12292011_094714 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\fedenfam\Local Settings\Temp\Perflib_Perfdata_1744.dat not found! File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. File\Folder C:\WINDOWS\temp\TMP00000001BD4456AB94D1A070 not found! Registry entries deleted on Reboot...
-
OTL logfile created on: 12/28/2011 8:46:18 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 509.98 Mb Total Physical Memory | 160.20 Mb Available Physical Memory | 31.41% Memory free 1.12 Gb Paging File | 0.37 Gb Available in Paging File | 32.77% Paging File free Paging file location(s): C:\pagefile.sys 500 900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.60 Gb Total Space | 12.71 Gb Free Space | 38.99% Space Free | Partition Type: NTFS Computer Name: HP | User Name: fedenfam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\fedenfam\Desktop\OTL.scr (OldTimer Tools) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.) 
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\WINDOWS\SYSTEM32\exshow95.exe (Kensington Technology Group) PRC - C:\WINDOWS\SYSTEM32\PackethSvc.exe (America Online, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files\AVAST Software\Avast\defs\11122801\algo.dll () MOD - C:\Program Files\AVAST Software\Avast\defs\11122801\aswRep.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll () MOD - C:\Program Files\UnifiedToolbar\3.2\IE\JsonExSerializer.dll () ========== Win32 Services (SafeList) ========== SRV - (Winkebo) -- File not found SRV - (AppMgmt) -- File not found SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (AGCoreService) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe (AG Interactive) SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (PackethSvc) -- C:\WINDOWS\SYSTEM32\PackethSvc.exe (America Online, Inc.) 
========== Driver Services (SafeList) ========== DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\drivers\gameenum.sys (Microsoft Corporation) DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\SYSTEM32\drivers\rtl8139.sys (Realtek Semiconductor Corporation) DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.) DRV - (ltmodem5) -- C:\WINDOWS\SYSTEM32\drivers\ltmdmnt.sys (LT) DRV - (DCamUSBSQTECH) Dual-Mode DSC(2770) -- C:\WINDOWS\SYSTEM32\drivers\SQCaptur.sys (Service & Quality Technology.) DRV - (Freedom) -- C:\WINDOWS\freedom.backup.dat () DRV - (NETMDUSB) -- C:\WINDOWS\SYSTEM32\drivers\NETMDUSB.sys (Sony Corporation) DRV - (PalmUSBD) -- C:\WINDOWS\SYSTEM32\drivers\PalmUSBD.sys (Palm, Inc.) DRV - (ousb2hub) -- C:\WINDOWS\SYSTEM32\drivers\ousb2hub.sys (OrangeWare Corporation) DRV - (ousbehci) -- C:\WINDOWS\SYSTEM32\drivers\ousbehci.sys (OrangeWare Corporation) DRV - (S3SavageNB) -- C:\WINDOWS\SYSTEM32\drivers\s3gNBm.sys (S3 Graphics, Inc.) DRV - (pfc) -- C:\WINDOWS\SYSTEM32\drivers\pfc.sys (Padus, Inc.) 
DRV - (KMW_SYS) -- C:\WINDOWS\SYSTEM32\drivers\KMW_SYS.sys (Kensington Technology Group) DRV - (KID_SYS) -- C:\WINDOWS\SYSTEM32\drivers\kid_sys.sys (Kensington Technology Group) DRV - (ms_mpu401) -- C:\WINDOWS\SYSTEM32\drivers\msmpu401.sys (Microsoft Corporation) DRV - (nv4) -- C:\WINDOWS\SYSTEM32\drivers\nv4.sys (NVIDIA Corporation) DRV - (wandrv) -- C:\WINDOWS\SYSTEM32\drivers\wandrv.sys (America Online, Inc.) DRV - (i81x) -- C:\WINDOWS\SYSTEM32\drivers\i81xnt5.sys (Intel® Corporation) DRV - (iAimFP0) -- C:\WINDOWS\SYSTEM32\drivers\wADV01nt.sys (Intel® Corporation) DRV - (iAimFP1) -- C:\WINDOWS\SYSTEM32\drivers\wADV02NT.sys (Intel® Corporation) DRV - (iAimFP2) -- C:\WINDOWS\SYSTEM32\drivers\wADV05NT.sys (Intel® Corporation) DRV - (iAimFP4) -- C:\WINDOWS\SYSTEM32\drivers\wVchNTxx.sys (Intel® Corporation) DRV - (iAimFP3) -- C:\WINDOWS\SYSTEM32\drivers\wSiINTxx.sys (Intel® Corporation) DRV - (iAimTV3) -- C:\WINDOWS\SYSTEM32\drivers\wATV04nt.sys (Intel® Corporation) DRV - (iAimTV0) -- C:\WINDOWS\SYSTEM32\drivers\wATV01nt.sys (Intel® Corporation) DRV - (iAimTV4) -- C:\WINDOWS\SYSTEM32\drivers\wCh7xxNT.sys (Intel® Corporation) DRV - (iAimTV1) -- C:\WINDOWS\SYSTEM32\drivers\wATV02NT.sys (Intel® Corporation) DRV - (Ps2) -- C:\WINDOWS\SYSTEM32\drivers\PS2.sys (Hewlett-Packard Company) DRV - (PcdrNt) -- C:\WINDOWS\System32\drivers\PcdrNt.sys (PC-Doctor Inc.) DRV - (SMPLSCSI) -- C:\WINDOWS\System32\drivers\SMPLSCSI.SYS (OnSpec Electronic, Inc.) 
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/11/03 15:10:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\toolbar@kiwee.com: C:\Program Files\Kiwee Toolbar\2.8.167\firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\unifiedtoolbar@aginteractive.com: C:\Program Files\UnifiedToolbar\3.2\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CF21F2A2-B12F-4A69-8F63-1F8459A0C002}: C:\Documents and Settings\fedenfam\Local Settings\Application Data\{CF21F2A2-B12F-4A69-8F63-1F8459A0C002}\ [2010/12/10 10:32:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/30 16:01:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 
[2008/11/03 15:10:30 | 000,000,000 | ---D | M] [2011/04/19 16:02:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\fedenfam\Application Data\Mozilla\Extensions O1 HOSTS File: ([2008/07/09 20:01:23 | 000,250,869 | R--- | M]) - C:\WINDOWS\SYSTEM32\drivers\etc\hosts O1 - Hosts: 8769 more lines... O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) 
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - No CLSID value found. O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll () O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (no name) - {91917DC6-93B9-4E62-B2D6-D39C9618C418} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll () O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Consumer Input\dca-bho.dll (Compete, Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) 
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) O4 - HKLM..\Run: [EXSHOW95.EXE] C:\WINDOWS\System32\exshow95.exe (Kensington Technology Group) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\hpztsb09.exe (HP) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [MSWheel] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\SYSTEM32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [s3TRAY2] C:\WINDOWS\System32\S3tray2.exe (S3 Graphics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [windows auto update] File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.) O4 - HKCU..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe File not found O4 - HKCU..\Run: [regsrv32.exe] regsrv32.exe File not found O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.) 
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk = File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp center.lnk = File not found O4 - Startup: C:\Documents and Settings\fedenfam\Start Menu\Programs\Startup\HandStory.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ File not found O9 - Extra Button: Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Palm\HandStoryTE.htm File not found O9 - Extra 'Tools' menuitem : &Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Palm\HandStoryTE.htm File not found O9 - Extra Button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ File not found O9 - Extra Button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O15 - HKCU\..Trusted Domains: ([]msn in My Computer) O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer) O16 - DPF: 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java http://file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01D1C6CD-6D44-46B6-BA89-10155A459FBE}: DhcpNameServer = 15.60.103.1 15.60.103.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86ED904F-65B3-4B61-AB9E-522658395BDC}: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O20 - AppInit_DLLs: (c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll) -c:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc) O20 - AppInit_DLLs: (c:\progra~1\imesha~1\mediabar\datamngr\iebho.dll) -c:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop Components:0 () - http://morepictures.com/images/main/hawaiisurf.jpg O24 - Desktop Components:1 () - http://morepictures.com/images/main/diamond1.jpg O24 - Desktop Components:2 () - http://morepictures.com/images/main/hawaiipalms.jpg O24 - Desktop Components:3 () - http://images.google.com/images?q=tbn:9evOA2dfAXIJ:www.instant-art.com/catalog-safetysigns/prohibition/images/proh007-fork%2520lifts.jpg O24 - Desktop Components:4 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\fedenfam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\fedenfam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: 
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/12/23 18:55:07 | 000,001,688 | ---- | M] () - C:\AUTOEXEC.NT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Documents and Settings^fedenfam^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - () MsConfig - StartUpReg: Bwijuro - hkey= - key= - File not found MsConfig - StartUpReg: DW6 - hkey= - key= - C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.) MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - File not found MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/12/28 20:41:58 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\fedenfam\Desktop\OTL.scr [2011/12/28 16:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Application Data\Malwarebytes [2011/12/28 16:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/12/28 16:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/12/28 16:21:08 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/12/28 16:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/12/08 11:54:45 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\fedenfam\Desktop\dds.com [2011/12/06 13:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Start Menu\Programs\HiJackThis [2011/12/06 10:53:51 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Documents and Settings\fedenfam\Desktop\SysInfo.exe [2011/12/01 13:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Consumer Input [2011/11/30 16:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2011/11/30 16:00:28 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2011/11/30 15:59:21 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2011/11/30 15:59:21 | 000,005,632 | ---- | C] (RealNetworks, Inc.) 
-- C:\WINDOWS\System32\pndx5032.dll [2011/11/30 15:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real [2011/11/30 15:59:12 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011/02/21 11:55:32 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\log4cxx.dll [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/12/28 20:54:04 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/12/28 20:42:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\fedenfam\Desktop\OTL.scr [2011/12/28 19:46:29 | 000,000,596 | ---- | M] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2011/12/28 16:21:21 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2011/12/28 16:06:05 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-334337264-1445258045-1803559485-1007.job [2011/12/28 14:19:05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2011/12/28 13:53:44 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-334337264-1445258045-1803559485-1007.job [2011/12/28 13:52:56 | 000,000,189 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT [2011/12/28 13:52:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/12/28 13:52:25 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys [2011/12/28 12:00:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job [2011/12/28 11:24:02 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011/12/27 16:49:15 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIES BIRTHDAYS.wps [2011/12/24 12:38:02 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\GOD'S CHRISTMAS 
PRESENT.wps [2011/12/23 16:23:28 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\WHO THREW THE OVERALLS.wps [2011/12/23 13:20:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Ÿ¡Ÿ¡ [2011/12/22 20:37:16 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\THREE WISE WOMEN.wps [2011/12/22 20:35:07 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\TOUCHING CHRISTMAS POEM.wps [2011/12/17 15:22:28 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Weather Channel Desktop .lnk [2011/12/15 09:07:53 | 000,235,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/12/15 08:49:26 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/12/14 10:07:51 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\MY JEOPARDY ANSWERS.wps [2011/12/14 09:29:56 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\WORSHIP JANUARY 1.wps [2011/12/12 16:36:54 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\MY JEOPARDY QUESTIONS.wps [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/12/08 11:56:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\fedenfam\Desktop\dds.com [2011/12/06 16:59:51 | 000,013,192 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps.rtf [2011/12/06 16:59:26 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps [2011/12/06 15:04:37 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.lnk [2011/12/06 13:18:38 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.msi [2011/12/06 10:54:43 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Documents and Settings\fedenfam\Desktop\SysInfo.exe [2011/12/03 13:47:30 | 000,201,216 
| ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\THE FIRST NOEL KEY OF Bb.wps [2011/12/02 20:43:38 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\O COME LET US ADORE HIM KEY OF Eb.wps [2011/12/01 21:00:54 | 000,000,201 | -HS- | M] () -- C:\BOOT.INI [2011/11/30 20:02:44 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/11/30 16:03:30 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk [2011/11/30 16:00:29 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2011/11/30 15:59:21 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2011/11/30 15:59:21 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2011/11/30 15:59:12 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011/11/30 15:44:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\fedenfam\Ÿ¡Ÿ¡ [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/12/28 16:21:21 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2011/12/24 12:34:18 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\GOD'S CHRISTMAS PRESENT.wps [2011/12/23 13:20:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ÿ¡Ÿ¡ [2011/12/21 17:19:51 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\TOUCHING CHRISTMAS POEM.wps [2011/12/17 15:53:35 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\THREE WISE WOMEN.wps [2011/12/15 08:16:33 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011/12/14 09:26:44 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\WORSHIP JANUARY 1.wps [2011/12/06 16:59:51 | 000,013,192 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE 
ADDRESSES.wps.rtf [2011/12/06 13:24:29 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.lnk [2011/12/06 13:17:35 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.msi [2011/12/05 17:44:42 | 000,035,353 | ---- | C] () -- C:\WINDOWS\_detmp.1 [2011/12/03 13:03:29 | 000,201,216 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\THE FIRST NOEL KEY OF Bb.wps [2011/12/02 20:43:37 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\O COME LET US ADORE HIM KEY OF Eb.wps [2011/11/30 16:03:30 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk [2011/02/21 11:56:10 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\ie_runner_app.exe [2011/02/21 11:56:10 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\common_functions.dll [2011/01/27 15:04:01 | 000,019,521 | ---- | C] () -- C:\WINDOWS\hpqins13.dat [2010/12/29 10:56:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\prvlcl.dat [2010/06/11 13:28:30 | 000,165,432 | ---- | C] () -- C:\WINDOWS\hpoins28.dat [2010/06/11 13:28:30 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat [2008/11/03 16:13:37 | 000,165,256 | ---- | C] () -- C:\WINDOWS\hpoins28.dat.temp [2008/11/03 16:13:36 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat.temp [2008/10/31 15:33:22 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll [2008/10/31 15:33:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll [2008/07/06 19:00:03 | 000,000,308 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI [2008/05/16 10:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2006/01/02 21:18:55 | 000,001,595 | ---- | C] () -- C:\WINDOWS\checkip.dat [2005/12/24 23:02:24 | 000,032,768 | ---- | C] () -- 
C:\WINDOWS\System32\instlsp.exe [2005/12/21 13:40:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2005/09/14 12:02:58 | 000,002,219 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2005/08/17 16:11:46 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2005/08/17 16:11:46 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2005/05/09 16:17:36 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE [2005/05/08 21:27:56 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2005/05/08 20:31:29 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2005/03/05 14:42:46 | 000,069,632 | R--- | C] () -- C:\WINDOWS\ST1_Un0.exe [2004/12/03 17:27:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\infamous_downloader.exe [2004/12/01 21:23:12 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2004/11/28 13:41:01 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2004/08/15 09:20:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\TOPO.INI [2004/05/21 11:14:44 | 000,000,530 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004/05/20 20:25:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\HandStory.ini [2004/05/19 15:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\install2.exe [2004/05/18 16:55:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\0021-bdl94126.EXE [2004/04/02 07:02:04 | 000,000,094 | ---- | C] () -- C:\WINDOWS\regsrv32.dat [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.tif [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.dat [2004/01/17 14:03:50 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat.temp [2004/01/17 14:03:50 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat.temp [2003/12/26 21:30:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\PicView.INI [2003/12/07 18:59:39 | 000,000,035 | 
---- | C] () -- C:\WINDOWS\A5W.INI [2003/10/11 20:31:37 | 000,000,284 | ---- | C] () -- C:\WINDOWS\hegames.ini [2003/09/07 15:05:04 | 000,001,428 | -H-- | C] () -- C:\Program Files\hpothb07.dat [2003/09/07 15:05:03 | 000,005,375 | -H-- | C] () -- C:\Program Files\hpothb07.tif [2003/08/11 18:08:20 | 000,000,148 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2003/08/05 13:36:18 | 000,092,160 | ---- | C] () -- C:\WINDOWS\System32\UnPoker.exe [2003/07/16 15:35:34 | 000,000,809 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2003/07/16 15:35:23 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe [2003/04/16 14:20:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2003/03/05 18:37:29 | 000,000,354 | ---- | C] () -- C:\WINDOWS\ereg077.dat [2003/02/13 19:46:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Prestopm.INI [2003/02/13 16:57:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2003/02/13 16:45:39 | 000,003,719 | ---- | C] () -- C:\WINDOWS\if40.ini [2003/02/13 16:45:39 | 000,000,174 | ---- | C] () -- C:\WINDOWS\pexplore.ini [2003/02/13 16:44:35 | 000,000,055 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI [2003/02/04 21:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini [2002/12/08 11:21:29 | 000,000,457 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini [2002/10/24 19:33:14 | 000,000,556 | ---- | C] () -- C:\WINDOWS\eReg.dat [2002/10/22 19:08:49 | 000,000,205 | ---- | C] () -- C:\WINDOWS\qtw.ini [2002/10/01 15:43:37 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2002/10/01 15:43:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2002/10/01 15:43:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2002/10/01 15:43:30 | 000,000,309 | ---- | C] () -- C:\WINDOWS\EReg515.dat [2002/10/01 15:40:12 | 000,000,971 | ---- | C] () -- C:\WINDOWS\disney.ini [2002/10/01 15:39:43 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2002/06/21 17:53:28 | 000,000,087 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2002/06/21 
17:53:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2002/06/16 07:54:42 | 000,000,022 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI [2002/06/16 07:54:22 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2002/06/16 07:54:06 | 000,000,524 | ---- | C] () -- C:\WINDOWS\PSDWIN.INI [2002/05/31 21:32:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2002/05/16 20:34:16 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI [2002/05/16 20:33:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2002/04/30 19:55:02 | 000,000,008 | -H-- | C] () -- C:\WINDOWS\ssitid.dat [2002/04/30 19:48:53 | 000,037,364 | ---- | C] () -- C:\WINDOWS\freedom.backup.dat [2002/04/13 17:54:15 | 000,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI [2002/04/11 11:28:03 | 000,000,596 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2002/04/11 11:27:38 | 004,700,056 | ---- | C] () -- C:\WINDOWS\Pacific Coasts Screen Savers .dat [2002/04/11 11:27:11 | 001,554,637 | ---- | C] () -- C:\WINDOWS\Space Screen Savers .dat [2002/04/11 11:26:15 | 011,280,733 | ---- | C] () -- C:\WINDOWS\Majestic Mountains Rivers and Waterfalls Screen Sa.dat [2002/04/11 11:25:45 | 001,643,542 | ---- | C] () -- C:\WINDOWS\Landmarks Screen Savers .dat [2002/04/11 11:25:31 | 009,175,824 | ---- | C] () -- C:\WINDOWS\Animals of America screen saver.dat [2002/04/11 11:24:41 | 008,290,006 | ---- | C] () -- C:\WINDOWS\US Cities.dat [2002/04/11 11:24:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe [2002/04/11 11:23:47 | 000,000,010 | ---- | C] () -- C:\WINDOWS\4discbib.ini [2002/04/11 11:23:47 | 000,000,007 | ---- | C] () -- C:\WINDOWS\gbaform1.ini [2002/04/09 07:46:43 | 000,060,464 | R--- | C] () -- C:\WINDOWS\System32\tlcsel32.dll [2002/04/09 07:46:43 | 000,016,540 | R--- | C] () -- C:\WINDOWS\System32\tlcsel17.dll [2001/11/09 10:41:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2001/11/08 19:43:04 | 000,000,562 | ---- | C] () -- C:\WINDOWS\System32\Px.ini [2001/11/06 
18:50:47 | 000,082,864 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE [2001/11/06 18:50:46 | 000,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL [2001/11/06 18:50:46 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll [2001/11/06 18:46:13 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.0.153.exe [2001/11/06 18:45:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL [2001/11/06 18:45:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll [2001/11/06 18:37:54 | 000,009,876 | ---- | C] () -- C:\WINDOWS\System32\usbbc.sys [2001/11/06 18:37:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\InstallDriver.exe [2001/11/06 18:21:26 | 000,000,515 | ---- | C] () -- C:\WINDOWS\fantasy2.ini [2001/11/06 18:21:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\album.ini [2001/11/06 18:21:26 | 000,000,008 | ---- | C] () -- C:\WINDOWS\pstudio.ini [2001/11/06 17:50:13 | 000,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll [2001/11/06 17:50:13 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes15.dll [2001/11/06 17:49:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2001/11/06 13:40:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\orun32.ini [2001/11/06 13:39:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2001/11/06 13:32:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2001/11/06 13:31:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2001/11/06 05:27:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2001/11/06 05:26:54 | 000,235,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2001/11/06 05:21:55 | 000,000,649 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2001/11/06 05:21:27 | 000,434,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/11/06 05:21:27 | 000,068,624 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/11/06 05:21:25 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/11/06 05:21:24 | 
013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/17 21:38:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2001/08/17 21:36:18 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll [2001/08/17 21:36:18 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll [2001/08/17 21:36:18 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll [2001/08/17 21:36:18 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll [2001/08/17 21:36:18 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll [2001/08/17 12:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/08/17 12:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/08/17 12:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/08/08 06:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll [2001/08/07 17:07:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll [2001/07/21 13:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/07/21 13:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/07/21 13:24:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2000/12/29 09:34:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [1997/06/13 16:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll ========== LOP Check ========== [2011/06/30 10:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi [2002/04/14 19:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\America Online [2011/04/12 17:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\aOo16633mCjMh16633 [2011/10/22 12:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask [2011/02/28 10:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All 
Users\Application Data\AVAST Software [2011/02/28 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10 [2010/12/19 16:43:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011/06/28 17:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM [2011/06/28 17:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail [2008/12/02 18:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar [2010/12/19 16:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData [2008/07/28 15:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes [2003/06/15 18:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS [2010/11/01 09:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2011/06/28 17:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator [2010/10/27 17:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest [2010/10/29 17:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\agi [2010/12/19 16:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\AVG10 [2004/05/17 18:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Business Logic [2010/10/29 17:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\DriverCure [2011/08/02 09:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\FCSB000062377 [2010/11/03 18:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\FixCleaner [2011/01/14 16:53:50 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\imeshmediabartb [2001/11/16 06:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\InterTrust [2003/08/09 06:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Leadertech [2005/11/10 21:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Lycos [2011/05/16 12:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\OpenOffice.org [2010/10/29 17:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\ParetoLogic [2011/01/06 19:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\searchqutb [2005/06/10 23:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Snapfish [2003/03/20 16:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Template [2008/07/10 14:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\WeatherBug [2011/12/28 14:19:05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2011/12/28 12:00:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\PerfectOptimizer_home.job [2011/12/28 20:54:04 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2004/12/22 15:22:03 | 000,000,000 | ---- | M] () -- C:\AILog.txt [2010/12/23 18:55:07 | 000,001,688 | ---- | M] () -- C:\AUTOEXEC.NT [2011/12/01 21:00:54 | 000,000,201 | -HS- | M] () -- C:\BOOT.INI [2008/06/10 07:57:21 | 000,000,242 | ---- | M] () -- C:\CDFE.log [2001/11/06 13:36:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2001/11/09 10:36:10 | 000,007,887 | ---- | M] () -- C:\FINIS_IT.TXT [2011/12/28 13:52:25 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys [2006/01/08 16:05:23 | 000,000,415 
| ---- | M] () -- C:\hpcmerr.log [2004/01/19 08:10:53 | 000,000,920 | -H-- | M] () -- C:\hpothb07.dat [2004/01/19 07:53:37 | 000,001,729 | -H-- | M] () -- C:\hpothb07.tif [2003/08/05 13:48:02 | 000,000,132 | ---- | M] () -- C:\ICSYSINF.log [2001/11/06 13:36:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2002/04/27 10:20:58 | 000,001,139 | -H-- | M] () -- C:\IPH.PH [2005/06/17 16:58:31 | 000,000,017 | ---- | M] () -- C:\log.txt [2008/07/06 18:48:26 | 000,004,222 | ---- | M] () -- C:\lxcg.log [2008/06/10 07:57:00 | 000,000,000 | ---- | M] () -- C:\lxcgfire.csv [2008/06/10 07:58:19 | 000,000,867 | ---- | M] () -- C:\LXCGINST.csv [2008/07/06 18:48:26 | 000,000,571 | ---- | M] () -- C:\lxcgscan.log [2008/07/06 18:51:02 | 000,337,698 | ---- | M] () -- C:\lxcgUNST.csv [2001/11/06 13:36:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2005/05/06 12:38:29 | 000,001,112 | ---- | M] () -- C:\net_save.dna [2005/05/09 09:00:48 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/12/26 14:36:33 | 000,250,048 | RHS- | M] () -- C:\ntldr [2011/12/28 19:25:00 | 697,303,040 | -HS- | M] () -- C:\pagefile.sys [2005/03/05 14:44:50 | 000,011,351 | ---- | M] () -- C:\stsetup.log [2004/12/29 20:46:11 | 000,000,772 | ---- | M] () -- C:\tmp.txt [2008/11/11 17:57:56 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log [2001/11/09 14:44:03 | 000,000,008 | ---- | M] () -- C:\USER < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > [2008/07/06 04:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll [2007/10/20 18:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\hpzpp5mu.dll < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > [2001/11/06 05:25:04 | 000,090,112 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2001/11/06 05:25:04 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2001/11/06 05:25:04 | 000,380,928 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %PROGRAMFILES%\* > [2004/01/19 07:55:41 | 000,001,428 | -H-- | M] () -- C:\Program Files\hpothb07.dat [2004/01/19 07:55:41 | 000,005,375 | -H-- | M] () -- C:\Program Files\hpothb07.tif < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< End of report >

OTL Extras logfile created on: 12/28/2011 8:46:18 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 160.20 Mb Available Physical Memory | 31.41% Memory free
1.12 Gb Paging File | 0.37 Gb Available in Paging File | 32.77% Paging File free
Paging file location(s): C:\pagefile.sys 500 900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 12.71 Gb Free Space | 38.99% Space Free | Partition Type: NTFS

Computer Name: HP | User Name: fedenfam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\support.com\bin\tgcmd.exe" = C:\Program Files\support.com\bin\tgcmd.exe:*:Disabled:Support.com Scheduler and Command Dispatcher "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire "C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Ahead software AG) "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! 
Messenger "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail "C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE "{10deb052-db5d-32a6-9ff2-200e810d1a7b}" = Kiwee Toolbar for Firefox "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar "{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01 "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components 
Installer "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 29 "{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply "{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3 "{343DB62F-891F-45EC-BED3-E2F56CEB1B7C}" = Adobe Flash Player 10 Plugin "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3 "{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{57764780-E33B-11D1-96ED-00A024A83A15}" = Kensington MouseWorks "{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter "{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software "{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator 
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8aade841-03c5-486a-b048-bb112cc0cac5}" = egreetings.com Toolbar for Internet Explorer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min "{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan "{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware 
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF7DB138-76ED-4E17-8764-1AAE1792F30F}" = Sony MP3 Conversion Tool "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help "{F93D2591-8201-4692-BD8D-67A0BFAC9C14}" = SweetIM Toolbar for Internet Explorer 3.9 "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "America Online us" = America Online "avast" = avast! 
Free Antivirus "BackWeb-137903 Uninstaller" = hp center "Card Games" = Card Games "CCleaner" = CCleaner (remove only) "conduitEngine" = Conduit Engine "Google Updater" = Google Updater "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 11.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing "HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0 "HPExtendedCapabilities" = HP Customer Participation Program 11.0 "ie8" = Windows Internet Explorer 8 "iMesh 1 MediaBar" = MediaBar "Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only) "IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar "Macromedia Shockwave Player" = Macromedia Shockwave Player "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "MGI PhotoSuite Mobile Edition" = MGI PhotoSuite Mobile Edition (Remove only) "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MUSICMATCH Jukebox" = MUSICMATCH Jukebox "Nero PhotoShow Express" = Nero PhotoShow Express "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "PCDoctor" = PC-Doctor for Windows "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "RealPlayer 15.0" = RealPlayer "Scanport Applications" = Presto! PageManager "Searchqu MediaBar" = Windows Searchqu Toolbar "Shop for HP Supplies" = Shop for HP Supplies "Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows "The Weather Channel Desktop 6" = The Weather Channel Desktop 6 "TOPO!" = TOPO! 
"Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Works2002Setup" = Microsoft Works and Money 2002 Setup Launcher "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Consumer Input Software" = Consumer Input Software (remove only) "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 8/17/2011 8:49:54 PM | Computer Name = HP | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb. Error - 8/17/2011 8:50:07 PM | Computer Name = HP | Source = Application Error | ID = 1001 Description = Fault bucket 1228147305. Error - 8/17/2011 9:02:58 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application Weather.exe, version 6.7.0.17, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/17/2011 9:04:21 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 517211759. Error - 8/18/2011 12:20:21 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/18/2011 12:20:40 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. 
Error - 8/20/2011 2:09:49 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/20/2011 2:11:06 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. Error - 8/20/2011 2:17:44 PM | Computer Name = HP | Source = Application Hang | ID = 1002 Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/20/2011 2:18:12 PM | Computer Name = HP | Source = Application Hang | ID = 1001 Description = Fault bucket 1180947459. [ System Events ] Error - 12/27/2011 11:35:42 AM | Computer Name = HP | Source = Service Control Manager | ID = 7000 Description = The ONSIO service failed to start due to the following error: %%2 Error - 12/27/2011 11:37:04 AM | Computer Name = HP | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/27/2011 11:37:04 AM | Computer Name = HP | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI Error - 12/28/2011 9:39:34 AM | Computer Name = HP | Source = PSched | ID = 14103 Description = QoS [Adapter {86ED904F-65B3-4B61-AB9E-522658395BDC}]: The netcard driver failed the query for OID_GEN_LINK_SPEED. Error - 12/28/2011 5:54:19 PM | Computer Name = HP | Source = Print | ID = 23 Description = Printer Lexmark 640 Series,0 failed to initialize because a suitable Lexmark 640 Series driver could not be found. Error - 12/28/2011 5:54:38 PM | Computer Name = HP | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the AG Core Services service to connect. 
Error - 12/28/2011 5:54:38 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000 Description = The AG Core Services service failed to start due to the following error: %%1053 Error - 12/28/2011 5:54:38 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000 Description = The ONSIO service failed to start due to the following error: %%2 Error - 12/28/2011 5:56:07 PM | Computer Name = HP | Source = Service Control Manager | ID = 7022 Description = The HP CUE DeviceDiscovery Service service hung on starting. Error - 12/28/2011 5:56:07 PM | Computer Name = HP | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI < End of report >
-
OTL logfile created on: 12/28/2011 8:46:18 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 509.98 Mb Total Physical Memory | 160.20 Mb Available Physical Memory | 31.41% Memory free 1.12 Gb Paging File | 0.37 Gb Available in Paging File | 32.77% Paging File free Paging file location(s): C:\pagefile.sys 500 900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.60 Gb Total Space | 12.71 Gb Free Space | 38.99% Space Free | Partition Type: NTFS Computer Name: HP | User Name: fedenfam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\fedenfam\Desktop\OTL.scr (OldTimer Tools) PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.) 
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\WINDOWS\SYSTEM32\exshow95.exe (Kensington Technology Group) PRC - C:\WINDOWS\SYSTEM32\PackethSvc.exe (America Online, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files\AVAST Software\Avast\defs\11122801\algo.dll () MOD - C:\Program Files\AVAST Software\Avast\defs\11122801\aswRep.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll () MOD - C:\Program Files\UnifiedToolbar\3.2\IE\JsonExSerializer.dll () ========== Win32 Services (SafeList) ========== SRV - (Winkebo) -- File not found SRV - (AppMgmt) -- File not found SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (AGCoreService) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe (AG Interactive) SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (PackethSvc) -- C:\WINDOWS\SYSTEM32\PackethSvc.exe (America Online, Inc.) 
========== Driver Services (SafeList) ========== DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\drivers\gameenum.sys (Microsoft Corporation) DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\SYSTEM32\drivers\rtl8139.sys (Realtek Semiconductor Corporation) DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.) DRV - (ltmodem5) -- C:\WINDOWS\SYSTEM32\drivers\ltmdmnt.sys (LT) DRV - (DCamUSBSQTECH) Dual-Mode DSC(2770) -- C:\WINDOWS\SYSTEM32\drivers\SQCaptur.sys (Service & Quality Technology.) DRV - (Freedom) -- C:\WINDOWS\freedom.backup.dat () DRV - (NETMDUSB) -- C:\WINDOWS\SYSTEM32\drivers\NETMDUSB.sys (Sony Corporation) DRV - (PalmUSBD) -- C:\WINDOWS\SYSTEM32\drivers\PalmUSBD.sys (Palm, Inc.) DRV - (ousb2hub) -- C:\WINDOWS\SYSTEM32\drivers\ousb2hub.sys (OrangeWare Corporation) DRV - (ousbehci) -- C:\WINDOWS\SYSTEM32\drivers\ousbehci.sys (OrangeWare Corporation) DRV - (S3SavageNB) -- C:\WINDOWS\SYSTEM32\drivers\s3gNBm.sys (S3 Graphics, Inc.) DRV - (pfc) -- C:\WINDOWS\SYSTEM32\drivers\pfc.sys (Padus, Inc.) 
DRV - (KMW_SYS) -- C:\WINDOWS\SYSTEM32\drivers\KMW_SYS.sys (Kensington Technology Group) DRV - (KID_SYS) -- C:\WINDOWS\SYSTEM32\drivers\kid_sys.sys (Kensington Technology Group) DRV - (ms_mpu401) -- C:\WINDOWS\SYSTEM32\drivers\msmpu401.sys (Microsoft Corporation) DRV - (nv4) -- C:\WINDOWS\SYSTEM32\drivers\nv4.sys (NVIDIA Corporation) DRV - (wandrv) -- C:\WINDOWS\SYSTEM32\drivers\wandrv.sys (America Online, Inc.) DRV - (i81x) -- C:\WINDOWS\SYSTEM32\drivers\i81xnt5.sys (Intel® Corporation) DRV - (iAimFP0) -- C:\WINDOWS\SYSTEM32\drivers\wADV01nt.sys (Intel® Corporation) DRV - (iAimFP1) -- C:\WINDOWS\SYSTEM32\drivers\wADV02NT.sys (Intel® Corporation) DRV - (iAimFP2) -- C:\WINDOWS\SYSTEM32\drivers\wADV05NT.sys (Intel® Corporation) DRV - (iAimFP4) -- C:\WINDOWS\SYSTEM32\drivers\wVchNTxx.sys (Intel® Corporation) DRV - (iAimFP3) -- C:\WINDOWS\SYSTEM32\drivers\wSiINTxx.sys (Intel® Corporation) DRV - (iAimTV3) -- C:\WINDOWS\SYSTEM32\drivers\wATV04nt.sys (Intel® Corporation) DRV - (iAimTV0) -- C:\WINDOWS\SYSTEM32\drivers\wATV01nt.sys (Intel® Corporation) DRV - (iAimTV4) -- C:\WINDOWS\SYSTEM32\drivers\wCh7xxNT.sys (Intel® Corporation) DRV - (iAimTV1) -- C:\WINDOWS\SYSTEM32\drivers\wATV02NT.sys (Intel® Corporation) DRV - (Ps2) -- C:\WINDOWS\SYSTEM32\drivers\PS2.sys (Hewlett-Packard Company) DRV - (PcdrNt) -- C:\WINDOWS\System32\drivers\PcdrNt.sys (PC-Doctor Inc.) DRV - (SMPLSCSI) -- C:\WINDOWS\System32\drivers\SMPLSCSI.SYS (OnSpec Electronic, Inc.) 
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/11/03 15:10:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\toolbar@kiwee.com: C:\Program Files\Kiwee Toolbar\2.8.167\firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\unifiedtoolbar@aginteractive.com: C:\Program Files\UnifiedToolbar\3.2\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{CF21F2A2-B12F-4A69-8F63-1F8459A0C002}: C:\Documents and Settings\fedenfam\Local Settings\Application Data\{CF21F2A2-B12F-4A69-8F63-1F8459A0C002}\ [2010/12/10 10:32:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/30 16:01:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 
[2008/11/03 15:10:30 | 000,000,000 | ---D | M] [2011/04/19 16:02:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\fedenfam\Application Data\Mozilla\Extensions O1 HOSTS File: ([2008/07/09 20:01:23 | 000,250,869 | R--- | M]) - C:\WINDOWS\SYSTEM32\drivers\etc\hosts O1 - Hosts: 8769 more lines... O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - No CLSID value found. O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll () O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (no name) - {91917DC6-93B9-4E62-B2D6-D39C9618C418} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll () O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Consumer Input\dca-bho.dll (Compete, Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll () O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbIncr.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) 
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc) O4 - HKLM..\Run: [EXSHOW95.EXE] C:\WINDOWS\System32\exshow95.exe (Kensington Technology Group) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\hpztsb09.exe (HP) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [MSWheel] File not found O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\SYSTEM32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [s3TRAY2] C:\WINDOWS\System32\S3tray2.exe (S3 Graphics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [windows auto update] File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [Consumer Input Update] C:\Program Files\Consumer Input\dca-ua.exe (Compete, Inc.) O4 - HKCU..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe File not found O4 - HKCU..\Run: [regsrv32.exe] regsrv32.exe File not found O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.) 
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk = File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp center.lnk = File not found O4 - Startup: C:\Documents and Settings\fedenfam\Start Menu\Programs\Startup\HandStory.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ File not found O9 - Extra Button: Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Palm\HandStoryTE.htm File not found O9 - Extra 'Tools' menuitem : &Save To Palm - {6C8741AB-53B4-476e-BE7C-F519AD8A6494} - C:\Palm\HandStoryTE.htm File not found O9 - Extra Button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ File not found O9 - Extra Button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ File not found O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O15 - HKCU\..Trusted Domains: ([]msn in My Computer) O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer) O16 - DPF: 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java http://file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01D1C6CD-6D44-46B6-BA89-10155A459FBE}: DhcpNameServer = 15.60.103.1 15.60.103.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86ED904F-65B3-4B61-AB9E-522658395BDC}: DhcpNameServer = 192.168.0.1 205.171.3.25 O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O20 - AppInit_DLLs: (c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll) -c:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc) O20 - AppInit_DLLs: (c:\progra~1\imesha~1\mediabar\datamngr\iebho.dll) -c:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop Components:0 () - http://morepictures.com/images/main/hawaiisurf.jpg O24 - Desktop Components:1 () - http://morepictures.com/images/main/diamond1.jpg O24 - Desktop Components:2 () - http://morepictures.com/images/main/hawaiipalms.jpg O24 - Desktop Components:3 () - http://images.google.com/images?q=tbn:9evOA2dfAXIJ:www.instant-art.com/catalog-safetysigns/prohibition/images/proh007-fork%2520lifts.jpg O24 - Desktop Components:4 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\fedenfam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\fedenfam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: 
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/12/23 18:55:07 | 000,001,688 | ---- | M] () - C:\AUTOEXEC.NT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Documents and Settings^fedenfam^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - () MsConfig - StartUpReg: Bwijuro - hkey= - key= - File not found MsConfig - StartUpReg: DW6 - hkey= - key= - C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.) MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - File not found MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/12/28 20:41:58 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\fedenfam\Desktop\OTL.scr [2011/12/28 16:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Application Data\Malwarebytes [2011/12/28 16:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/12/28 16:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/12/28 16:21:08 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/12/28 16:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/12/08 11:54:45 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\fedenfam\Desktop\dds.com [2011/12/06 13:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fedenfam\Start Menu\Programs\HiJackThis [2011/12/06 10:53:51 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Documents and Settings\fedenfam\Desktop\SysInfo.exe [2011/12/01 13:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Consumer Input [2011/11/30 16:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2011/11/30 16:00:28 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2011/11/30 15:59:21 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2011/11/30 15:59:21 | 000,005,632 | ---- | C] (RealNetworks, Inc.) 
-- C:\WINDOWS\System32\pndx5032.dll [2011/11/30 15:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real [2011/11/30 15:59:12 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011/02/21 11:55:32 | 000,940,544 | ---- | C] (Apache Software Foundation) -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\log4cxx.dll [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/12/28 20:54:04 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2011/12/28 20:42:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\fedenfam\Desktop\OTL.scr [2011/12/28 19:46:29 | 000,000,596 | ---- | M] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2011/12/28 16:21:21 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2011/12/28 16:06:05 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-334337264-1445258045-1803559485-1007.job [2011/12/28 14:19:05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2011/12/28 13:53:44 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-334337264-1445258045-1803559485-1007.job [2011/12/28 13:52:56 | 000,000,189 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT [2011/12/28 13:52:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/12/28 13:52:25 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys [2011/12/28 12:00:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job [2011/12/28 11:24:02 | 000,000,820 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011/12/27 16:49:15 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIES BIRTHDAYS.wps [2011/12/24 12:38:02 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\GOD'S CHRISTMAS 
PRESENT.wps [2011/12/23 16:23:28 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\WHO THREW THE OVERALLS.wps [2011/12/23 13:20:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Ÿ¡Ÿ¡ [2011/12/22 20:37:16 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\THREE WISE WOMEN.wps [2011/12/22 20:35:07 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\TOUCHING CHRISTMAS POEM.wps [2011/12/17 15:22:28 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Weather Channel Desktop .lnk [2011/12/15 09:07:53 | 000,235,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/12/15 08:49:26 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/12/14 10:07:51 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\MY JEOPARDY ANSWERS.wps [2011/12/14 09:29:56 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\WORSHIP JANUARY 1.wps [2011/12/12 16:36:54 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\MY JEOPARDY QUESTIONS.wps [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/12/08 11:56:10 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\fedenfam\Desktop\dds.com [2011/12/06 16:59:51 | 000,013,192 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps.rtf [2011/12/06 16:59:26 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE ADDRESSES.wps [2011/12/06 15:04:37 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.lnk [2011/12/06 13:18:38 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.msi [2011/12/06 10:54:43 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Documents and Settings\fedenfam\Desktop\SysInfo.exe [2011/12/03 13:47:30 | 000,201,216 
| ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\THE FIRST NOEL KEY OF Bb.wps [2011/12/02 20:43:38 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\fedenfam\My Documents\O COME LET US ADORE HIM KEY OF Eb.wps [2011/12/01 21:00:54 | 000,000,201 | -HS- | M] () -- C:\BOOT.INI [2011/11/30 20:02:44 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/11/30 16:03:30 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk [2011/11/30 16:00:29 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2011/11/30 15:59:21 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2011/11/30 15:59:21 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2011/11/30 15:59:12 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011/11/30 15:44:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\fedenfam\Ÿ¡Ÿ¡ [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/12/28 16:21:21 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2011/12/24 12:34:18 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\GOD'S CHRISTMAS PRESENT.wps [2011/12/23 13:20:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ÿ¡Ÿ¡ [2011/12/21 17:19:51 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\TOUCHING CHRISTMAS POEM.wps [2011/12/17 15:53:35 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\THREE WISE WOMEN.wps [2011/12/15 08:16:33 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2011/12/14 09:26:44 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\WORSHIP JANUARY 1.wps [2011/12/06 16:59:51 | 000,013,192 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\QUIRKIE 
ADDRESSES.wps.rtf [2011/12/06 13:24:29 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.lnk [2011/12/06 13:17:35 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\fedenfam\Desktop\HiJackThis.msi [2011/12/05 17:44:42 | 000,035,353 | ---- | C] () -- C:\WINDOWS\_detmp.1 [2011/12/03 13:03:29 | 000,201,216 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\THE FIRST NOEL KEY OF Bb.wps [2011/12/02 20:43:37 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\fedenfam\My Documents\O COME LET US ADORE HIM KEY OF Eb.wps [2011/11/30 16:03:30 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk [2011/02/21 11:56:10 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\ie_runner_app.exe [2011/02/21 11:56:10 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\common_functions.dll [2011/01/27 15:04:01 | 000,019,521 | ---- | C] () -- C:\WINDOWS\hpqins13.dat [2010/12/29 10:56:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\prvlcl.dat [2010/06/11 13:28:30 | 000,165,432 | ---- | C] () -- C:\WINDOWS\hpoins28.dat [2010/06/11 13:28:30 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat [2008/11/03 16:13:37 | 000,165,256 | ---- | C] () -- C:\WINDOWS\hpoins28.dat.temp [2008/11/03 16:13:36 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat.temp [2008/10/31 15:33:22 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll [2008/10/31 15:33:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll [2008/07/06 19:00:03 | 000,000,308 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI [2008/05/16 10:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2006/01/02 21:18:55 | 000,001,595 | ---- | C] () -- C:\WINDOWS\checkip.dat [2005/12/24 23:02:24 | 000,032,768 | ---- | C] () -- 
C:\WINDOWS\System32\instlsp.exe [2005/12/21 13:40:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2005/09/14 12:02:58 | 000,002,219 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2005/08/17 16:11:46 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2005/08/17 16:11:46 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2005/05/09 16:17:36 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE [2005/05/08 21:27:56 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2005/05/08 20:31:29 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2005/03/05 14:42:46 | 000,069,632 | R--- | C] () -- C:\WINDOWS\ST1_Un0.exe [2004/12/03 17:27:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\infamous_downloader.exe [2004/12/01 21:23:12 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\fedenfam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2004/11/28 13:41:01 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2004/08/15 09:20:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\TOPO.INI [2004/05/21 11:14:44 | 000,000,530 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004/05/20 20:25:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\HandStory.ini [2004/05/19 15:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\install2.exe [2004/05/18 16:55:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\0021-bdl94126.EXE [2004/04/02 07:02:04 | 000,000,094 | ---- | C] () -- C:\WINDOWS\regsrv32.dat [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.tif [2004/01/19 07:50:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\fedenfam\Application Data\hpothb07.dat [2004/01/17 14:03:50 | 000,018,283 | ---- | C] () -- C:\WINDOWS\HPHins01.dat.temp [2004/01/17 14:03:50 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat.temp [2003/12/26 21:30:16 | 000,000,088 | ---- | C] () -- C:\WINDOWS\PicView.INI [2003/12/07 18:59:39 | 000,000,035 | 
---- | C] () -- C:\WINDOWS\A5W.INI [2003/10/11 20:31:37 | 000,000,284 | ---- | C] () -- C:\WINDOWS\hegames.ini [2003/09/07 15:05:04 | 000,001,428 | -H-- | C] () -- C:\Program Files\hpothb07.dat [2003/09/07 15:05:03 | 000,005,375 | -H-- | C] () -- C:\Program Files\hpothb07.tif [2003/08/11 18:08:20 | 000,000,148 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2003/08/05 13:36:18 | 000,092,160 | ---- | C] () -- C:\WINDOWS\System32\UnPoker.exe [2003/07/16 15:35:34 | 000,000,809 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2003/07/16 15:35:23 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe [2003/04/16 14:20:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2003/03/05 18:37:29 | 000,000,354 | ---- | C] () -- C:\WINDOWS\ereg077.dat [2003/02/13 19:46:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Prestopm.INI [2003/02/13 16:57:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2003/02/13 16:45:39 | 000,003,719 | ---- | C] () -- C:\WINDOWS\if40.ini [2003/02/13 16:45:39 | 000,000,174 | ---- | C] () -- C:\WINDOWS\pexplore.ini [2003/02/13 16:44:35 | 000,000,055 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI [2003/02/04 21:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini [2002/12/08 11:21:29 | 000,000,457 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini [2002/10/24 19:33:14 | 000,000,556 | ---- | C] () -- C:\WINDOWS\eReg.dat [2002/10/22 19:08:49 | 000,000,205 | ---- | C] () -- C:\WINDOWS\qtw.ini [2002/10/01 15:43:37 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2002/10/01 15:43:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2002/10/01 15:43:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2002/10/01 15:43:30 | 000,000,309 | ---- | C] () -- C:\WINDOWS\EReg515.dat [2002/10/01 15:40:12 | 000,000,971 | ---- | C] () -- C:\WINDOWS\disney.ini [2002/10/01 15:39:43 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2002/06/21 17:53:28 | 000,000,087 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2002/06/21 
17:53:01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2002/06/16 07:54:42 | 000,000,022 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI [2002/06/16 07:54:22 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini [2002/06/16 07:54:06 | 000,000,524 | ---- | C] () -- C:\WINDOWS\PSDWIN.INI [2002/05/31 21:32:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2002/05/16 20:34:16 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI [2002/05/16 20:33:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2002/04/30 19:55:02 | 000,000,008 | -H-- | C] () -- C:\WINDOWS\ssitid.dat [2002/04/30 19:48:53 | 000,037,364 | ---- | C] () -- C:\WINDOWS\freedom.backup.dat [2002/04/13 17:54:15 | 000,000,137 | ---- | C] () -- C:\WINDOWS\Weather.INI [2002/04/11 11:28:03 | 000,000,596 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini [2002/04/11 11:27:38 | 004,700,056 | ---- | C] () -- C:\WINDOWS\Pacific Coasts Screen Savers .dat [2002/04/11 11:27:11 | 001,554,637 | ---- | C] () -- C:\WINDOWS\Space Screen Savers .dat [2002/04/11 11:26:15 | 011,280,733 | ---- | C] () -- C:\WINDOWS\Majestic Mountains Rivers and Waterfalls Screen Sa.dat [2002/04/11 11:25:45 | 001,643,542 | ---- | C] () -- C:\WINDOWS\Landmarks Screen Savers .dat [2002/04/11 11:25:31 | 009,175,824 | ---- | C] () -- C:\WINDOWS\Animals of America screen saver.dat [2002/04/11 11:24:41 | 008,290,006 | ---- | C] () -- C:\WINDOWS\US Cities.dat [2002/04/11 11:24:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\UninstallWSST.exe [2002/04/11 11:23:47 | 000,000,010 | ---- | C] () -- C:\WINDOWS\4discbib.ini [2002/04/11 11:23:47 | 000,000,007 | ---- | C] () -- C:\WINDOWS\gbaform1.ini [2002/04/09 07:46:43 | 000,060,464 | R--- | C] () -- C:\WINDOWS\System32\tlcsel32.dll [2002/04/09 07:46:43 | 000,016,540 | R--- | C] () -- C:\WINDOWS\System32\tlcsel17.dll [2001/11/09 10:41:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2001/11/08 19:43:04 | 000,000,562 | ---- | C] () -- C:\WINDOWS\System32\Px.ini [2001/11/06 
18:50:47 | 000,082,864 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE [2001/11/06 18:50:46 | 000,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL [2001/11/06 18:50:46 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll [2001/11/06 18:46:13 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.0.153.exe [2001/11/06 18:45:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hpREG.DLL [2001/11/06 18:45:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll [2001/11/06 18:37:54 | 000,009,876 | ---- | C] () -- C:\WINDOWS\System32\usbbc.sys [2001/11/06 18:37:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\InstallDriver.exe [2001/11/06 18:21:26 | 000,000,515 | ---- | C] () -- C:\WINDOWS\fantasy2.ini [2001/11/06 18:21:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\album.ini [2001/11/06 18:21:26 | 000,000,008 | ---- | C] () -- C:\WINDOWS\pstudio.ini [2001/11/06 17:50:13 | 000,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll [2001/11/06 17:50:13 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes15.dll [2001/11/06 17:49:47 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll [2001/11/06 13:40:54 | 000,000,879 | ---- | C] () -- C:\WINDOWS\orun32.ini [2001/11/06 13:39:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2001/11/06 13:32:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2001/11/06 13:31:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2001/11/06 05:27:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2001/11/06 05:26:54 | 000,235,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2001/11/06 05:21:55 | 000,000,649 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2001/11/06 05:21:27 | 000,434,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/11/06 05:21:27 | 000,068,624 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/11/06 05:21:25 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/11/06 05:21:24 | 
013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/17 21:38:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/17 21:36:18 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2001/08/17 21:36:18 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2001/08/17 21:36:18 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2001/08/17 21:36:18 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2001/08/17 21:36:18 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2001/08/17 12:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/17 12:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/17 12:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/08 06:13:22 | 000,012,351 | ---- | C] () -- C:\WINDOWS\System32\i81xcoin.dll
[2001/08/07 17:07:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2001/07/21 13:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/07/21 13:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/07/21 13:24:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2000/12/29 09:34:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[1997/06/13 16:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========
[2011/06/30 10:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2002/04/14 19:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\America Online
[2011/04/12 17:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\aOo16633mCjMh16633
[2011/10/22 12:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/02/28 10:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/02/28 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/19 16:43:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/06/28 17:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2011/06/28 17:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2008/12/02 18:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar
[2010/12/19 16:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/07/28 15:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2003/06/15 18:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2010/11/01 09:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/06/28 17:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2010/10/27 17:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2010/10/29 17:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\agi
[2010/12/19 16:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\AVG10
[2004/05/17 18:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Business Logic
[2010/10/29 17:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\DriverCure
[2011/08/02 09:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\FCSB000062377
[2010/11/03 18:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\FixCleaner
[2011/01/14 16:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\imeshmediabartb
[2001/11/16 06:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\InterTrust
[2003/08/09 06:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Leadertech
[2005/11/10 21:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Lycos
[2011/05/16 12:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\OpenOffice.org
[2010/10/29 17:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\ParetoLogic
[2011/01/06 19:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\searchqutb
[2005/06/10 23:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Snapfish
[2003/03/20 16:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\Template
[2008/07/10 14:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fedenfam\Application Data\WeatherBug
[2011/12/28 14:19:05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/12/28 12:00:00 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\PerfectOptimizer_home.job
[2011/12/28 20:54:04 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2004/12/22 15:22:03 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2010/12/23 18:55:07 | 000,001,688 | ---- | M] () -- C:\AUTOEXEC.NT
[2011/12/01 21:00:54 | 000,000,201 | -HS- | M] () -- C:\BOOT.INI
[2008/06/10 07:57:21 | 000,000,242 | ---- | M] () -- C:\CDFE.log
[2001/11/06 13:36:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2001/11/09 10:36:10 | 000,007,887 | ---- | M] () -- C:\FINIS_IT.TXT
[2011/12/28 13:52:25 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2006/01/08 16:05:23 | 000,000,415 | ---- | M] () -- C:\hpcmerr.log
[2004/01/19 08:10:53 | 000,000,920 | -H-- | M] () -- C:\hpothb07.dat
[2004/01/19 07:53:37 | 000,001,729 | -H-- | M] () -- C:\hpothb07.tif
[2003/08/05 13:48:02 | 000,000,132 | ---- | M] () -- C:\ICSYSINF.log
[2001/11/06 13:36:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002/04/27 10:20:58 | 000,001,139 | -H-- | M] () -- C:\IPH.PH
[2005/06/17 16:58:31 | 000,000,017 | ---- | M] () -- C:\log.txt
[2008/07/06 18:48:26 | 000,004,222 | ---- | M] () -- C:\lxcg.log
[2008/06/10 07:57:00 | 000,000,000 | ---- | M] () -- C:\lxcgfire.csv
[2008/06/10 07:58:19 | 000,000,867 | ---- | M] () -- C:\LXCGINST.csv
[2008/07/06 18:48:26 | 000,000,571 | ---- | M] () -- C:\lxcgscan.log
[2008/07/06 18:51:02 | 000,337,698 | ---- | M] () -- C:\lxcgUNST.csv
[2001/11/06 13:36:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005/05/06 12:38:29 | 000,001,112 | ---- | M] () -- C:\net_save.dna
[2005/05/09 09:00:48 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/26 14:36:33 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/12/28 19:25:00 | 697,303,040 | -HS- | M] () -- C:\pagefile.sys
[2005/03/05 14:44:50 | 000,011,351 | ---- | M] () -- C:\stsetup.log
[2004/12/29 20:46:11 | 000,000,772 | ---- | M] () -- C:\tmp.txt
[2008/11/11 17:57:56 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log
[2001/11/09 14:44:03 | 000,000,008 | ---- | M] () -- C:\USER

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 04:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/10/20 18:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\hpzpp5mu.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2001/11/06 05:25:04 | 000,090,112 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2001/11/06 05:25:04 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2001/11/06 05:25:04 | 000,380,928 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\* >
[2004/01/19 07:55:41 | 000,001,428 | -H-- | M] () -- C:\Program Files\hpothb07.dat
[2004/01/19 07:55:41 | 000,005,375 | -H-- | M] () -- C:\Program Files\hpothb07.tif

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 03:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< End of report >

OTL Extras logfile created on: 12/28/2011 8:46:18 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\fedenfam\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 160.20 Mb Available Physical Memory | 31.41% Memory free
1.12 Gb Paging File | 0.37 Gb Available in Paging File | 32.77% Paging File free
Paging file location(s): C:\pagefile.sys 500 900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 12.71 Gb Free Space | 38.99% Space Free | Partition Type: NTFS

Computer Name: HP | User Name: fedenfam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\support.com\bin\tgcmd.exe" = C:\Program Files\support.com\bin\tgcmd.exe:*:Disabled:Support.com Scheduler and Command Dispatcher
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire
"C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer
"C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Ahead software AG)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail

========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{10deb052-db5d-32a6-9ff2-200e810d1a7b}" = Kiwee Toolbar for Firefox
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 29
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{343DB62F-891F-45EC-BED3-E2F56CEB1B7C}" = Adobe Flash Player 10 Plugin
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57764780-E33B-11D1-96ED-00A024A83A15}" = Kensington MouseWorks
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8aade841-03c5-486a-b048-bb112cc0cac5}" = egreetings.com Toolbar for Internet Explorer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}" = Microsoft Works 6.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF7DB138-76ED-4E17-8764-1AAE1792F30F}" = Sony MP3 Conversion Tool
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC19E750-988B-4005-A355-85EF66055EFE}" = Works Suite OS Pack
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{F93D2591-8201-4692-BD8D-67A0BFAC9C14}" = SweetIM Toolbar for Internet Explorer 3.9
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"America Online us" = America Online
"avast" = avast! Free Antivirus
"BackWeb-137903 Uninstaller" = hp center
"Card Games" = Card Games
"CCleaner" = CCleaner (remove only)
"conduitEngine" = Conduit Engine
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"ie8" = Windows Internet Explorer 8
"iMesh 1 MediaBar" = MediaBar
"Inactive HP Printer Drivers (Remove only)" = Inactive HP Printer Drivers (Remove only)
"IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MGI PhotoSuite Mobile Edition" = MGI PhotoSuite Mobile Edition (Remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MUSICMATCH Jukebox" = MUSICMATCH Jukebox
"Nero PhotoShow Express" = Nero PhotoShow Express
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"PCDoctor" = PC-Doctor for Windows
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"RealPlayer 15.0" = RealPlayer
"Scanport Applications" = Presto! PageManager
"Searchqu MediaBar" = Windows Searchqu Toolbar
"Shop for HP Supplies" = Shop for HP Supplies
"Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TOPO!" = TOPO!
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2002Setup" = Microsoft Works and Money 2002 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Consumer Input Software" = Consumer Input Software (remove only)
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/17/2011 8:49:54 PM | Computer Name = HP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb.

Error - 8/17/2011 8:50:07 PM | Computer Name = HP | Source = Application Error | ID = 1001
Description = Fault bucket 1228147305.

Error - 8/17/2011 9:02:58 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application Weather.exe, version 6.7.0.17, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/17/2011 9:04:21 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 517211759.

Error - 8/18/2011 12:20:21 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/18/2011 12:20:40 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/20/2011 2:09:49 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/20/2011 2:11:06 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

Error - 8/20/2011 2:17:44 PM | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/20/2011 2:18:12 PM | Computer Name = HP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.

[ System Events ]
Error - 12/27/2011 11:35:42 AM | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = The ONSIO service failed to start due to the following error: %%2

Error - 12/27/2011 11:37:04 AM | Computer Name = HP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 12/27/2011 11:37:04 AM | Computer Name = HP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI

Error - 12/28/2011 9:39:34 AM | Computer Name = HP | Source = PSched | ID = 14103
Description = QoS [Adapter {86ED904F-65B3-4B61-AB9E-522658395BDC}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.

Error - 12/28/2011 5:54:19 PM | Computer Name = HP | Source = Print | ID = 23
Description = Printer Lexmark 640 Series,0 failed to initialize because a suitable Lexmark 640 Series driver could not be found.

Error - 12/28/2011 5:54:38 PM | Computer Name = HP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the AG Core Services service to connect.

Error - 12/28/2011 5:54:38 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = The AG Core Services service failed to start due to the following error: %%1053

Error - 12/28/2011 5:54:38 PM | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = The ONSIO service failed to start due to the following error: %%2

Error - 12/28/2011 5:56:07 PM | Computer Name = HP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 12/28/2011 5:56:07 PM | Computer Name = HP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load: SMPLSCSI

< End of report >