OTL logfile created on: 11/9/2009 3:41:25 PM - Run 1
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Users\ruthie\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.82 Mb Total Physical Memory | 160.55 Mb Available Physical Memory | 17.96% Memory free
2.00 Gb Paging File | 0.75 Gb Available in Paging File | 37.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.21 Gb Total Space | 156.92 Gb Free Space | 69.67% Space Free | Partition Type: NTFS
Drive D: | 7.67 Gb Total Space | 0.00 Gb Free Space | 0.03% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RUTHIE-PC
Current User Name: ruthie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\ruthie\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
PRC - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard)
PRC - C:\WINDOWS\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - c:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wercon.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Webroot\Washer\WasherSvc.exe (Webroot Software, Inc.)
PRC - C:\Program Files\Webroot\Washer\wwDisp.exe (Webroot Software, Inc.)
PRC - C:\WINDOWS\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Lexmark 5300 Series\lxdkmon.exe ()
PRC - C:\WINDOWS\System32\lxdkcoms.exe ( )
PRC - C:\WINDOWS\System32\spool\drivers\w32x86\3\lxdkserv.exe (Lexmark International, Inc.)
PRC - C:\Program Files\Lexmark 5300 Series\lxdkamon.exe ()
PRC - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\hp\KBD\kbd.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\System32\LexBceS.exe (Lexmark International, Inc.)
PRC - C:\WINDOWS\System32\Lexpps.exe (Lexmark International, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Users\ruthie\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (CLTNetCnService) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (HP Health Check Service) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
SRV - (nvsvc) -- C:\WINDOWS\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ehRecvr) -- C:\WINDOWS\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (wwEngineSvc) -- C:\Program Files\Webroot\Washer\WasherSvc.exe (Webroot Software, Inc.)
SRV - (XAudioService) -- C:\WINDOWS\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (lxdk_device) -- C:\Windows\System32\lxdkcoms.exe ( )
SRV - (lxdkCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdkserv.exe ()
SRV - (LightScribeService) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (ehSched) -- C:\WINDOWS\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart) -- C:\WINDOWS\ehome\ehstart.dll (Microsoft Corporation)
SRV - (RoxMediaDB9) -- c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (stllssvr) -- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (LexBceS) -- C:\WINDOWS\System32\LexBceS.exe (Lexmark International, Inc.)
========== Driver Services (SafeList) ==========
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (GEARAspiWDM) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HSXHWBS2) -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\System32\drivers\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (wrssweep) -- C:\Program Files\Webroot\Washer\wrSSweep.sys (Webroot Software Inc (www.webroot.com))
DRV - (XAudio) -- C:\WINDOWS\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) -- C:\WINDOWS\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\WINDOWS\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (mdmxsdk) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\S-1-5-21-3106860121-1881496160-2963117849-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\S-1-5-21-3106860121-1881496160-2963117849-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/14 20:11:54 | 00,000,000 | ---D | M]
O1 HOSTS File: (303907 bytes) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 10470 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BhoMisc Class) - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\WRS.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (TrendProtect) - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\WRS.dll (Trend Micro Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Lexmark 5300 Series Fax Server] C:\Program Files\Lexmark 5300 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxdkamon] C:\Program Files\Lexmark 5300 Series\lxdkamon.exe ()
O4 - HKLM..\Run: [lxdkmon.exe] C:\Program Files\Lexmark 5300 Series\lxdkmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [UniblueSpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe ()
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [Washer] C:\Program Files\Washer\washer.exe File not found
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe (Webroot Software, Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O4 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe (Webroot Software, Inc.)
O4 - HKLM..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3106860121-1881496160-2963117849-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resour ... cctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos1.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} http://www.ca.com/securityadvisor/pestscan/pestscan.cab (PSFormX Control)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8646A6AF-0AE4-4BF8-B716-DB1513803972} http://riteaid.storefront.com/images/gl ... oad1_8.CAB (SFImageUpload1_8.ImageUpload)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} https://ediagnostics.lexmark.com/serval.cab (Lexmark eDiagnostics Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-l ... cfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.144.187.101 204.186.0.203 207.44.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\trendprotect {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\WRS.dll (Trend Micro Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/02/26 07:06:55 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/09 15:39:38 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Users\ruthie\Desktop\OTL.exe
[2009/11/06 10:02:47 | 00,000,000 | ---D | C] -- C:\Users\ruthie\AppData\Roaming\Malwarebytes
[2009/11/06 10:02:39 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/11/06 10:02:38 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/06 10:02:38 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/06 10:02:38 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/06 10:02:37 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/06 10:00:55 | 04,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ruthie\Desktop\mbam-setup.exe
[2009/11/05 15:06:21 | 00,000,000 | ---D | C] -- C:\rsit
[2009/11/05 14:58:45 | 00,000,000 | ---D | C] -- C:\Windows\System32\ErrorLogs
[2009/11/05 09:26:35 | 00,000,000 | ---D | C] -- C:\Users\ruthie\AppData\Roaming\uniblue
[2009/11/05 09:25:24 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/11/05 09:25:16 | 00,000,000 | -H-D | C] -- C:\ProgramData\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2009/11/05 09:25:16 | 00,000,000 | -H-D | C] -- C:\ProgramData\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2009/11/04 09:59:52 | 03,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/11/03 09:33:00 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/11/03 09:32:59 | 00,833,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/11/03 09:32:57 | 01,174,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/11/03 09:32:52 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/11/03 09:32:50 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/11/03 09:32:48 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/11/03 09:32:47 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/11/03 09:32:45 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/11/03 09:32:43 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/11/03 09:32:42 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/11/03 09:32:41 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/11/03 09:32:40 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/11/03 09:32:38 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/11/03 09:32:35 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/10/28 09:22:56 | 10,626,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/10/28 09:22:53 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2009/10/28 09:22:45 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/10/19 09:32:50 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/10/19 09:32:41 | 03,597,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/10/19 09:32:40 | 03,546,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/10/19 09:32:12 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009/10/19 09:32:11 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009/10/19 09:32:08 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009/10/19 09:32:07 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009/10/19 09:32:07 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009/10/19 09:31:56 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
[2009/10/19 09:31:53 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009/10/19 09:31:49 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2009/10/17 16:30:52 | 00,000,000 | ---D | C] -- C:\Users\ruthie\AppData\Roaming\WildTangent
[2009/10/17 14:46:09 | 00,000,000 | -HSD | C] -- C:\found.000
[2008/12/28 14:27:57 | 01,200,128 | ---- | C] ( ) -- C:\Windows\System32\lxdkserv.dll
[2008/12/28 14:27:57 | 00,950,272 | ---- | C] ( ) -- C:\Windows\System32\lxdkusb1.dll
[2008/12/28 14:27:57 | 00,434,176 | ---- | C] ( ) -- C:\Windows\System32\lxdkhcp.dll
[2008/12/28 14:27:57 | 00,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdkinpa.dll
[2008/12/28 14:27:57 | 00,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdkiesc.dll
[2008/12/28 14:27:56 | 00,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdkpmui.dll
[2008/12/28 14:27:56 | 00,565,248 | ---- | C] ( ) -- C:\Windows\System32\lxdklmpm.dll
[2008/12/28 14:27:56 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdkprox.dll
[2008/12/28 14:27:55 | 00,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdkhbn3.dll
[2008/12/28 14:27:54 | 00,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxdkcomc.dll
[2008/12/28 14:27:54 | 00,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdkcomm.dll
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/09 15:40:07 | 05,767,168 | -HS- | M] () -- C:\Users\ruthie\ntuser.dat
[2009/11/09 15:39:49 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\ruthie\Desktop\OTL.exe
[2009/11/09 15:19:22 | 00,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BBAF8C04-6106-431F-BC4D-5F308404B079}.job
[2009/11/09 15:18:27 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/09 15:18:01 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/09 15:18:01 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/09 15:17:45 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/09 15:17:20 | 93,800,8576 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/09 10:40:19 | 00,524,288 | -HS- | M] () -- C:\Users\ruthie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009/11/09 10:40:19 | 00,065,536 | -HS- | M] () -- C:\Users\ruthie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009/11/07 12:19:09 | 02,228,404 | -H-- | M] () -- C:\Users\ruthie\AppData\Local\IconCache.db
[2009/11/06 19:07:07 | 00,011,232 | ---- | M] () -- C:\Users\ruthie\Desktop\hijackthis11062
[2009/11/06 10:02:43 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/06 10:01:48 | 04,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ruthie\Desktop\mbam-setup.exe
[2009/11/05 21:23:10 | 00,140,727 | -H-- | M] () -- C:\Users\ruthie\Desktop\ZbThumbnail.info
[2009/11/05 19:50:23 | 00,024,576 | ---- | M] () -- C:\Users\ruthie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/05 15:25:21 | 00,000,490 | ---- | M] () -- C:\Users\ruthie\Desktop\log115 - Shortcut.lnk
[2009/11/05 15:22:35 | 00,000,519 | ---- | M] () -- C:\Users\ruthie\Desktop\info115 - Shortcut.lnk
[2009/11/05 15:00:16 | 00,000,709 | ---- | M] () -- C:\Windows\System32\CommandDispatchers.xml
[2009/11/05 15:00:04 | 00,001,349 | ---- | M] () -- C:\Windows\System32\cleaner-config.xml
[2009/11/05 09:25:25 | 00,001,007 | ---- | M] () -- C:\Users\Public\Desktop\SpeedUpMyPC 2009.lnk
[2009/11/04 09:48:31 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/04 09:48:31 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/04 09:48:31 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/10/30 20:26:04 | 00,001,874 | ---- | M] () -- C:\Users\ruthie\Desktop\HijackThis.lnk
[2009/10/30 08:53:27 | 01,769,000 | ---- | M] () -- C:\Users\ruthie\Desktop\FW_WRT54GSv7_7.50.7.013_EN_20090727.bin
[2009/10/29 14:52:46 | 00,000,680 | ---- | M] () -- C:\Users\ruthie\AppData\Local\d3d9caps.dat
[2009/10/29 14:37:20 | 14,415,4472 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/10/29 10:32:50 | 01,769,000 | ---- | M] () -- C:\Users\ruthie\Desktop\firmwareupdate.bin
[2009/10/19 09:25:09 | 03,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/10/17 15:50:22 | 05,767,168 | -HS- | M] () -- C:\Users\ruthie\ntuser.dat_previous
[2009/10/15 18:24:13 | 00,000,133 | ---- | M] () -- C:\Users\ruthie\Desktop\Schuylkill Parcel Locator.url
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[43 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/06 19:07:07 | 00,011,232 | ---- | C] () -- C:\Users\ruthie\Desktop\hijackthis11062
[2009/11/06 10:02:43 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/05 15:25:21 | 00,000,490 | ---- | C] () -- C:\Users\ruthie\Desktop\log115 - Shortcut.lnk
[2009/11/05 15:22:35 | 00,000,519 | ---- | C] () -- C:\Users\ruthie\Desktop\info115 - Shortcut.lnk
[2009/11/05 15:00:11 | 00,000,709 | ---- | C] () -- C:\Windows\System32\CommandDispatchers.xml
[2009/11/05 15:00:03 | 00,001,349 | ---- | C] () -- C:\Windows\System32\cleaner-config.xml
[2009/11/05 09:25:25 | 00,001,007 | ---- | C] () -- C:\Users\Public\Desktop\SpeedUpMyPC 2009.lnk
[2009/10/30 20:26:04 | 00,001,874 | ---- | C] () -- C:\Users\ruthie\Desktop\HijackThis.lnk
[2009/10/30 09:11:28 | 02,228,404 | -H-- | C] () -- C:\Users\ruthie\AppData\Local\IconCache.db
[2009/10/30 08:53:15 | 01,769,000 | ---- | C] () -- C:\Users\ruthie\Desktop\FW_WRT54GSv7_7.50.7.013_EN_20090727.bin
[2009/10/30 08:39:39 | 93,800,8576 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/29 10:31:46 | 01,769,000 | ---- | C] () -- C:\Users\ruthie\Desktop\firmwareupdate.bin
[2009/10/15 18:24:12 | 00,000,133 | ---- | C] () -- C:\Users\ruthie\Desktop\Schuylkill Parcel Locator.url
[2009/09/28 09:11:48 | 00,000,105 | ---- | C] () -- C:\ProgramData\lxdk
[2009/03/09 19:24:48 | 00,000,680 | ---- | C] () -- C:\Users\ruthie\AppData\Local\d3d9caps.dat
[2009/02/21 10:09:51 | 00,000,276 | ---- | C] () -- C:\Users\ruthie\AppData\Roaming\wklnhst.dat
[2008/12/28 14:33:46 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdkcoin.dll
[2008/12/28 14:30:57 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXDKPMON.DLL
[2008/12/28 14:30:57 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXDKFXPU.DLL
[2008/12/28 14:30:36 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdkoem.dll
[2008/12/28 14:28:12 | 00,000,060 | ---- | C] () -- C:\Windows\System32\lxdkrwrd.ini
[2008/12/28 14:27:58 | 00,348,160 | ---- | C] () -- C:\Windows\System32\lxdkinst.dll
[2008/12/28 14:27:55 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxdkgrd.dll
[2008/10/09 13:44:04 | 00,000,643 | ---- | C] () -- C:\Windows\lexstat.ini
[2008/09/08 14:53:09 | 00,024,576 | ---- | C] () -- C:\Users\ruthie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/08 14:51:05 | 00,092,016 | ---- | C] () -- C:\Users\ruthie\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/02/11 08:39:26 | 00,253,952 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLA.dll
[2008/02/11 08:39:18 | 00,237,568 | ---- | C] () -- C:\Windows\System32\OnlineScannerDLLW.dll
[2008/02/08 12:53:46 | 00,110,592 | ---- | C] () -- C:\Windows\System32\OnlineScannerLang.dll
[2008/01/09 14:01:48 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2007/07/27 13:49:02 | 00,225,355 | ---- | C] () -- C:\Windows\System32\lnod32apiW.dll
[2007/07/27 13:49:02 | 00,196,683 | ---- | C] () -- C:\Windows\System32\lnod32apiA.dll
[2007/05/22 12:22:21 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxdkdrs.dll
[2007/05/22 05:10:00 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxdkcaps.dll
[2007/02/26 06:43:57 | 00,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll
[2007/02/26 06:43:57 | 00,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll
[2007/02/14 09:35:07 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxdkcnv4.dll
[2007/01/10 06:56:34 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 07:37:35 | 00,030,808 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 07:37:35 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:35 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:35 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/08/11 02:00:40 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/08/11 02:00:40 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/07/31 20:53:18 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdkvs.dll
[2005/12/05 18:25:22 | 00,139,264 | ---- | C] () -- C:\Windows\System32\lnod32umc.dll
[2005/12/05 11:37:10 | 00,106,496 | ---- | C] () -- C:\Windows\System32\lnod32upd.dll
[2004/09/16 15:24:26 | 03,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
extras logfile -
OTL Extras logfile created on: 11/9/2009 3:41:25 PM - Run 1
OTL by OldTimer - Version 3.1.4.0 Folder = C:\Users\ruthie\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.82 Mb Total Physical Memory | 160.55 Mb Available Physical Memory | 17.96% Memory free
2.00 Gb Paging File | 0.75 Gb Available in Paging File | 37.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.21 Gb Total Space | 156.92 Gb Free Space | 69.67% Space Free | Partition Type: NTFS
Drive D: | 7.67 Gb Total Space | 0.00 Gb Free Space | 0.03% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RUTHIE-PC
Current User Name: ruthie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B1B5C0D-D143-44E3-BCDC-A00E85313301}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkpswx.exe |
"{0E597EF2-FBD0-41A2-8FA2-D54AF3AE33BF}" = protocol=6 | dir=in | app=c:\program files\lexmark 5300 series\frun.exe |
"{1506AAA7-B3F6-4FD2-A068-E71AFE91FB22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{29A943D8-111A-4828-BE46-52CDE466F5C7}" = protocol=17 | dir=in | app=c:\program files\lexmark 5300 series\lxdkmon.exe |
"{2C52C4A1-8AD3-46C2-8D0A-BB298F29B22B}" = protocol=17 | dir=in | app=c:\windows\system32\lxdkcoms.exe |
"{313AB2DC-2862-4463-B698-0567713CC168}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3B790114-8FDD-4F7D-80E5-71A8EE52A682}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{4146A4DF-B531-491C-B824-28E934C62A4B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{51A086B9-E7FC-48C0-8BA1-DF9A4F3BF7B2}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6021082D-64B4-4F03-B8C4-6BF12EF206CA}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdktime.exe |
"{62FC72A2-772F-49FC-BC25-0058E3A02F7B}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{668BFB96-0523-40E6-9910-84491F3E2F83}" = protocol=6 | dir=in | app=c:\program files\lexmark 5300 series\lxdkamon.exe |
"{68A7E305-8F20-4510-83EF-437B483125B3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{697C44FF-6ED1-489D-9273-61FD1F8B0F89}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7DEF628A-FBE2-4001-B959-A663958A76EC}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8E3E8733-0D67-48E0-8D7A-09B45A88C07D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{93BDD062-B3B4-4411-8636-664F54563295}" = protocol=17 | dir=in | app=c:\program files\lexmark 5300 series\frun.exe |
"{990300E6-7E5B-4438-92AE-3D784E40F07F}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections |
"{9D043C26-B92F-4DBA-BF37-CFA0404FBC05}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{9DA63294-17E5-4D81-83DA-DB416E7FF69B}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A35808B9-16AF-4D44-9363-6011A6EC7318}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkpswx.exe |
"{AAD673D0-65F5-40E2-9CAB-D1F542231B80}" = protocol=17 | dir=in | app=c:\program files\lexmark 5300 series\lxdkamon.exe |
"{BD9ADFD6-62E0-422A-BA35-0EE099D8446F}" = protocol=6 | dir=in | app=c:\program files\lexmark 5300 series\lxdkfax.exe |
"{C3BDB26F-1717-43F7-9AEA-4E87575DF170}" = protocol=17 | dir=in | app=c:\program files\lexmark 5300 series\lxdkfax.exe |
"{CBCCD568-9AA3-48C9-B6BC-1CC8B5F8B352}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkjswx.exe |
"{DA6042A8-2413-4A03-9106-CDD68D15C7BB}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkwbgw.exe |
"{E15C6B48-2B47-4912-9531-CEEB005803D3}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkwbgw.exe |
"{E20D7F4A-62AF-4335-9917-1567067C56A1}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E2311E62-23E7-4E4E-8B47-3FF4CD227658}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdktime.exe |
"{E7394016-D505-4368-B585-3529F8096ECA}" = protocol=6 | dir=in | app=c:\windows\system32\lxdkcoms.exe |
"{F16F0912-B06F-4323-B979-8BCE7F1C6259}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkjswx.exe |
"{F51ED739-A5F4-4B2D-BD5D-123DB12C16D0}" = protocol=6 | dir=in | app=c:\program files\lexmark 5300 series\lxdkmon.exe |
"{F69070C0-00B2-4BA3-9FA9-4C2136CC39E8}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{FB3443AE-F7CD-419B-AB72-71B4AD8C72B4}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"TCP Query User{4545D1D6-93AA-49D4-BDFF-B1C99EB5E06D}C:\program files\lexmark 5300 series\frun.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 5300 series\frun.exe |
"TCP Query User{573F2771-F7FE-4582-980C-75BC464DA572}C:\windows\system32\spool\drivers\w32x86\3\lxdkpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkpswx.exe |
"TCP Query User{91397331-72C4-4CEE-9677-8269EE89EBD7}C:\program files\lexmark 5300 series\lxdkmon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 5300 series\lxdkmon.exe |
"TCP Query User{AC11657F-3C32-4C01-951E-D7363AE22CC5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{AD5088CF-524F-450E-BF5C-52CD5B728B36}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2DC574E2-51A6-42D2-BE6A-F950E918720F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2F0EC382-F1C1-4B76-A2AE-F3229581DE04}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{857B75B7-6D06-40DC-B16E-DD524D81D45E}C:\program files\lexmark 5300 series\frun.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 5300 series\frun.exe |
"UDP Query User{B2FDEECF-F886-4161-8C56-C9EDEBAEF63E}C:\program files\lexmark 5300 series\lxdkmon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 5300 series\lxdkmon.exe |
"UDP Query User{BA79E65D-A203-4714-AC3D-5C44520BAA5D}C:\windows\system32\spool\drivers\w32x86\3\lxdkpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdkpswx.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{2D6ED011-055B-4041-B198-BB903827EBFB}" = Safari
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CA976C-403C-47E2-940B-733ECAB6F62B}" = muvee autoProducer 5.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CBFEEA43-2B94-44AF-8325-B413E62D2A5D}" = HP Total Care Advisor
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5462C8A-D08C-4163-8293-82F2E11A2760}" = Trend Micro TrendProtect for Internet Explorer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}" = Roxio MyDVD Basic v9
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"avast!" = avast! Antivirus
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"EsetOnlineScanner" = ESET Online Scanner
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Lexmark 5300 Series" = Lexmark 5300 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Caps/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Rhapsody" = Rhapsody
"SpywareBlaster_is1" = SpywareBlaster 4.1
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
"Walmart MP3 Music Downloads" = Walmart MP3 Music Downloads
"WildTangent hpdesktop Master Uninstall" = My HP Games
"Window Washer" = Window Washer
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 3/19/2009 7:50:32 PM | Computer Name = ruthie-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.
Error - 4/17/2009 12:17:29 PM | Computer Name = ruthie-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\System32\spool\PRINTERS\FP00000.SHD failed, 00000005.
Error - 8/3/2009 10:15:49 PM | Computer Name = ruthie-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\ruthie\AppData\Roaming\Real\Rhapsody\1.sqlite\local.seb failed, 00000005.
Error - 8/15/2009 12:41:38 PM | Computer Name = ruthie-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\ruthie\AppData\Local\Temp\Cddb\11054336\cddb.db failed, 00000005.
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >