Checkup results:
Results of screen317's Security Check version 0.99.8
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check: Windows Firewall Enabled!
Symantec Endpoint Protection
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check: MVPS Hosts File
Malwarebytes' Anti-Malware
AML Free Registry Cleaner 4.21
IBM 32-bit Runtime Environment for Java 2, v1.4.2
Java(TM) 6 Update 23
Java(TM) 6 Update 7
IBM 32-bit Runtime Environment for Java 2, v1.4.2
Out of date Java installed! Adobe Flash Player 9
(Out of date Flash Player installed!) Adobe Flash Player
Adobe Reader 7.1.0
Out of date Adobe Reader installed! ````````````````````````````````
Process Check:
objlist.exe by Laurent Norton ccSvcHst.exe
``````````End of Log```````````` OTL.Txt:
OTL logfile created on: 1/17/2011 5:19:58 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Jim Cargill\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.02 Gb Total Space | 38.71 Gb Free Space | 55.28% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 92.21 Gb Free Space | 39.60% Space Free | Partition Type: NTFS
Drive R: | 99.72 Mb Total Space | 41.55 Mb Free Space | 41.67% Space Free | Partition Type: FAT
Computer Name: LENOVO-D031BFEE | User Name: Jim Cargill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Jim Cargill\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
PRC - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
PRC - C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe ()
PRC - D:\Program_Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
PRC - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe ()
PRC - C:\Program Files\IBM ThinkVantage\Client Security Solution\pwmgr.exe (Lenovo Group Limited)
PRC - C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe (Lenovo Group Limited)
PRC - C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe (IBM)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
PRC - C:\WINDOWS\system32\FSRremoS.EXE ()
PRC - C:\WINDOWS\system32\pctspk.exe ()
PRC - C:\WINDOWS\system32\WISPTIS.EXE (Microsoft Corporation)
PRC - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe (Symantec Corporation)
PRC - C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe (Symantec Corporation)
PRC - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
PRC - C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE (Symantec Corporation)
PRC - C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE (Symantec Corporation)
PRC - C:\WINDOWS\TPPALDR.EXE (Cypress Semiconductor)
PRC - C:\WINDOWS\system32\exshow95.exe (Kensington Technology Group)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Jim Cargill\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll (Alcatel-Lucent)
========== Win32 Services (SafeList) ========== SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (TVT Scheduler) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (PsaSrv) -- C:\WINDOWS\System32\drivers\psasrv.exe ()
SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (NBService) -- D:\Program_Files\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (TVT Backup Service) -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe ()
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (TSSCoreService) -- C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe (IBM)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (NetGroup - Politecnico di Torino)
SRV - (Pctspk) -- C:\WINDOWS\system32\pctspk.exe ()
SRV - (ICDSPTSV) -- C:\WINDOWS\system32\IcdSptSv.exe (Sony Corporation)
SRV - (GhostStartService) -- C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe (Symantec Corporation)
SRV - (NProtectService) -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
SRV - (Speed Disk service) -- C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE (Symantec Corporation)
========== Driver Services (SafeList) ========== DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110116.003\NAVEX15.SYS (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110116.003\NAVENG.SYS (Symantec Corporation)
DRV - (WpsHelper) -- C:\WINDOWS\system32\drivers\WpsHelper.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (gmer) -- C:\WINDOWS\system32\drivers\gmer.sys (GMER)
DRV - (COH_Mon) -- C:\WINDOWS\system32\drivers\COH_Mon.sys (Symantec Corporation)
DRV - (WPS) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\WINDOWS\system32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\srtspx.sys (Symantec Corporation)
DRV - (Teefer2) -- C:\WINDOWS\system32\drivers\Teefer2.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (EGATHDRV) -- C:\WINDOWS\system32\EGATHDRV.SYS (IBM Corporation)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (TPM) -- C:\WINDOWS\system32\drivers\tpm.sys (Winbond Electronics Corp.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited)
DRV - (ibmfilter) -- C:\WINDOWS\system32\drivers\ibmfilter.sys (IBM)
DRV - (ANCSQ) -- C:\WINDOWS\System32\drivers\ANCSQ.sys (IBM Corp.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (PrivateDisk) -- C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\privatediskm.sys (Utimaco Safeware AG)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (smi2) -- C:\Program Files\SMI2\smi2.sys (IBM Corp.)
DRV - (TPM12) -- C:\WINDOWS\system32\drivers\nsctpm12.sys (National Semiconductor Corp.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (NetGroup - Politecnico di Torino)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (vobiw) -- C:\WINDOWS\System32\drivers\vobIW.sys (Pinnacle Systems GmbH)
DRV - (cdrdrv) -- C:\WINDOWS\system32\drivers\Cdrdrv.sys (Pinnacle Systems GmbH)
DRV - (ASAPIW2K) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
DRV - (Ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.)
DRV - (Vpctcom) -- C:\WINDOWS\system32\drivers\vpctcom.sys (PCtel, Inc.)
DRV - (Vvoice) -- C:\WINDOWS\system32\drivers\vvoice.sys (PCtel, Inc.)
DRV - (Vmodem) -- C:\WINDOWS\system32\drivers\vmodem.sys (PCTEL, INC.)
DRV - (VOBID) -- C:\WINDOWS\system32\DRIVERS\vobid.sys (Pinnacle Systems)
DRV - (pelusblf) -- C:\WINDOWS\system32\drivers\pelusblf.sys (Primax Electronics Ltd.)
DRV - (pelmouse) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS (Primax Electronics Ltd.)
DRV - (GhPciScan) -- C:\Program Files\Norton SystemWorks\Norton Ghost\GhPciScan.sys (Symantec Corporation)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)
DRV - (NPDriver) -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS (Symantec Corporation)
DRV - (TPP200) USB Storage Adapter V2 (TPP) -- C:\WINDOWS\system32\drivers\TPP200.SYS (Cypress Semiconductor)
DRV - (KMW_SYS) -- C:\WINDOWS\system32\drivers\KMW_SYS.sys (Kensington Technology Group)
DRV - (KID_SYS) -- C:\WINDOWS\system32\drivers\kid_sys.sys (Kensington Technology Group)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Ptserlp) -- C:\WINDOWS\system32\drivers\ptserlp.sys (PCTEL, INC.)
DRV - (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
DRV - (pmem) -- C:\WINDOWS\system32\drivers\PMEMNT.SYS (Microsoft Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: D:\Program_Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/26 14:11:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/14 15:24:57 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2011/01/16 09:21:18 | 000,429,935 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.123topsearch.comO1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1
www.132.comO1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1
www.136136.netO1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1
www.163ns.comO1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14804 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program_Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {521E1B2B-0D05-4F9A-91EE-8FCDD4A28DCF} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program_Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (no name) - {E43231E9-17C7-4336-BD4E-504D823D082D} - No CLSID value found.
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program_Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [cssauth] C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [EXSHOW95.EXE] C:\WINDOWS\System32\exshow95.exe (Kensington Technology Group)
O4 - HKLM..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [IBM Warranty Notification] C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe (IBM Corporation)
O4 - HKLM..\Run: [ISUSScheduler] c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PCTVOICE] C:\WINDOWS\System32\pctspk.exe ()
O4 - HKLM..\Run: [PDService.exe] C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] D:\Program_Files\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE (Cypress Semiconductor)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005..\Run: [SpybotSD TeaTimer] D:\Program_Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Jim Cargill\Start Menu\Programs\Startup\Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program_Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program_Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}
https://activatemydsl.verizon.net/sdcCo ... taller.cab (Support.com Configuration Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {08D390AE-5101-4701-A89F-6C6DADCCC402}
http://photos.msn.com/resources/neutral ... 10,0,910,0 (MSN Photo Select Tool)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E}
http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944}
http://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345}
https://www-secure.symantec.com/techsup ... gctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 5441190031 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8C28EFD7-767B-11D1-844B-0060972DC2AC}
https://brio.cit.cornell.edu/Brio/zeroa ... elp.en.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}
http://java.sun.com/products/plugin/1.4 ... 42-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://boystomenccc.webex.com/client/T ... eatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954}
http://photos.msn.com/resources/neutral ... 10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\urqQjhFx: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21 - SSODL: CheckDrive - {af75812e-67e8-4d09-834f-3b537bedfa28} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/02/08 03:25:45 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/06/23 12:16:04 | 000,000,045 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{42772597-bb6a-11db-b939-0016416b4cb2}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2001/06/04 15:22:36 | 000,040,960 | ---- | M] ()
O33 - MountPoints2\{7152ebd0-2fb5-11df-8520-0016416b4cb2}\Shell - "" = AutoRun
O33 - MountPoints2\{7152ebd0-2fb5-11df-8520-0016416b4cb2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{be10bace-174c-11df-850a-0016416b4cb2}\Shell - "" = AutoRun
O33 - MountPoints2\{be10bace-174c-11df-850a-0016416b4cb2}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/01/17 17:18:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jim Cargill\Desktop\OTL.exe
[2011/01/17 17:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim Cargill\Desktop\Security Results
[2011/01/13 20:35:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/01/13 20:35:00 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2011/01/13 20:31:12 | 000,146,102 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Jim Cargill\Desktop\erunt-setup.exe
[2011/01/13 16:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/01/13 16:53:39 | 000,000,000 | ---D | C] -- C:\rsit
[2011/01/13 16:51:13 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Jim Cargill\Desktop\ATF-Cleaner.exe
[2011/01/13 16:41:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim Cargill\Start Menu\Programs\HiJackThis
[2011/01/03 08:37:54 | 000,069,632 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif13n.dll
[2011/01/03 08:37:48 | 000,450,560 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltimg13n.dll
[2011/01/03 08:37:48 | 000,401,408 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfcmp13n.dll
[2011/01/03 08:37:48 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp13n.dll
[2010/12/28 10:23:41 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/28 10:23:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/28 10:23:41 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/09/28 13:39:26 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jim Cargill\Application Data\pcouffin.sys
========== Files - Modified Within 30 Days ========== [2011/01/17 17:18:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim Cargill\Desktop\OTL.exe
[2011/01/17 17:17:35 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1694142536-3309553471-3260457264-1005.job
[2011/01/17 17:17:35 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1694142536-3309553471-3260457264-1005.job
[2011/01/17 17:00:50 | 000,879,047 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\SecurityCheck.exe
[2011/01/17 16:47:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/17 14:03:21 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\Outlook 2003.lnk
[2011/01/17 11:11:56 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/01/17 10:46:30 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/17 10:45:47 | 000,025,354 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2011/01/17 10:44:13 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2011/01/17 10:44:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/17 10:42:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/17 10:41:54 | 1607,192,576 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/17 08:55:44 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003 (3).lnk
[2011/01/16 09:21:18 | 000,429,935 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/01/14 20:19:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[2011/01/13 20:31:45 | 000,146,102 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Jim Cargill\Desktop\erunt-setup.exe
[2011/01/13 20:16:13 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\RKUnhookerLE.EXE
[2011/01/13 16:53:34 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\RSIT.exe
[2011/01/13 16:51:18 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Jim Cargill\Desktop\ATF-Cleaner.exe
[2011/01/13 16:44:10 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\HiJackThis.lnk
[2011/01/13 16:43:55 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\Shortcut to HiJackThis.exe.lnk
[2011/01/13 15:47:15 | 000,001,536 | ---- | M] () -- C:\WINDOWS\System32\TrueSoft.dat
[2011/01/13 15:42:35 | 000,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2011/01/13 09:00:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/01/05 16:17:52 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\default.pls
[2011/01/05 15:40:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/01/01 11:58:56 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/30 18:13:07 | 000,429,671 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110116-092118.backup
[2010/12/30 18:10:57 | 000,429,671 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101230-181307.backup
[2010/12/29 11:55:13 | 000,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2010/12/29 10:00:09 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Application Data\Microsoft\Internet Explorer\Quick Launch\Copy of Excel 2003.lnk
[2010/12/28 19:38:04 | 000,002,405 | ---- | M] () -- C:\Documents and Settings\Jim Cargill\Desktop\Picture Manager.lnk
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
========== Files Created - No Company Name ========== [2011/01/17 16:59:19 | 000,879,047 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Desktop\SecurityCheck.exe
[2011/01/13 20:16:06 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Desktop\RKUnhookerLE.EXE
[2011/01/13 16:52:40 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Desktop\RSIT.exe
[2011/01/13 16:43:55 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Desktop\Shortcut to HiJackThis.exe.lnk
[2011/01/13 16:41:54 | 000,002,337 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Desktop\HiJackThis.lnk
[2010/01/26 13:42:35 | 000,526,848 | ---- | C] () -- C:\WINDOWS\System32\hpgtg400.dll
[2009/10/21 12:24:04 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS23.DLL
[2009/09/28 13:40:01 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Application Data\pcouffin.log
[2009/09/28 13:39:26 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Application Data\inst.exe
[2009/09/28 13:39:26 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Application Data\pcouffin.cat
[2009/09/28 13:39:26 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Application Data\pcouffin.inf
[2009/06/27 11:57:59 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/06/27 11:57:59 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\1AEEEBFA03.sys
[2009/05/14 08:07:51 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Screen Savers
[2009/05/14 08:07:51 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Jim Cargill\Application Data\Sampler Files
[2009/05/14 08:07:51 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/05/14 08:07:51 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Sound Effects
[2009/05/08 12:03:04 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/04/29 16:59:15 | 000,003,799 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/08/31 07:40:45 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/08/31 07:40:43 | 000,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/08/14 19:02:32 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll
[2008/07/09 20:39:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVEdit.INI
[2008/07/09 20:16:42 | 000,002,714 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Application Data\SAS7_000.DAT
[2008/07/09 19:15:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dsp_trc.dll
[2008/07/09 19:15:50 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\IcdSptSvps.dll
[2008/03/11 19:59:13 | 000,000,074 | ---- | C] () -- C:\WINDOWS\brioqplg.ini
[2008/03/11 19:59:02 | 000,032,389 | ---- | C] () -- C:\WINDOWS\bqformat.ini
[2008/02/11 11:13:10 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/02/05 12:28:20 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Local Settings\Application Data\setup.txt
[2008/01/26 10:32:59 | 000,000,108 | ---- | C] () -- C:\WINDOWS\MULTIHLP.INI
[2008/01/26 10:32:58 | 000,000,497 | ---- | C] () -- C:\WINDOWS\PXDLITE.INI
[2008/01/26 10:32:58 | 000,000,452 | ---- | C] () -- C:\WINDOWS\PDOXWIN.INI
[2008/01/26 10:32:58 | 000,000,197 | ---- | C] () -- C:\WINDOWS\WINHELP.INI
[2008/01/04 14:13:58 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2007/12/02 07:20:52 | 002,115,816 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/08/23 18:38:40 | 000,000,139 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2007/08/23 18:38:32 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/08/23 18:29:47 | 000,003,449 | ---- | C] () -- C:\WINDOWS\ATM.INI
[2007/08/23 18:27:26 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/07/16 11:58:10 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007/07/16 11:58:00 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007/07/07 06:53:24 | 000,005,528 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2007/07/07 06:53:24 | 000,000,296 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2007/07/07 06:53:07 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\FSRremoC.DLL
[2007/04/24 14:36:17 | 000,000,077 | ---- | C] () -- C:\WINDOWS\ZRLINK.INI
[2007/02/15 09:20:03 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/13 12:31:46 | 000,005,615 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/02/09 20:25:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/02/08 23:14:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2007/02/08 03:25:21 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Jim Cargill\Local Settings\Application Data\fusioncache.dat
[2007/02/06 08:33:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/02/06 07:54:08 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/02/06 07:51:24 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/02/06 07:31:59 | 000,000,447 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/02/06 07:31:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/02/06 07:31:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/02/06 07:31:13 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/02/06 07:31:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/02/06 07:31:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/02/06 07:31:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/02/05 11:25:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/01/29 10:36:32 | 000,025,354 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2004/08/09 14:03:43 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/09 13:46:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/15 05:01:26 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2003/09/17 10:12:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\TX32.DLL
[2003/04/10 19:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/17 16:46:30 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\ISP2000.dll
[2002/02/27 17:28:16 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2002/02/27 17:28:16 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2002/02/27 17:28:14 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2002/02/27 17:28:14 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2002/02/27 17:28:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[1997/09/12 16:41:00 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\Eztw32.dll
[1980/01/01 03:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[1980/01/01 03:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[1980/01/01 03:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[1980/01/01 03:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[1980/01/01 03:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
< End of report >
Extras.Txt results:
OTL Extras logfile created on: 1/17/2011 5:19:58 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Jim Cargill\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.02 Gb Total Space | 38.71 Gb Free Space | 55.28% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 92.21 Gb Free Space | 39.60% Space Free | Partition Type: NTFS
Drive R: | 99.72 Mb Total Space | 41.55 Mb Free Space | 41.67% Space Free | Partition Type: FAT
Computer Name: LENOVO-D031BFEE | User Name: Jim Cargill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"SerialNumber" = A109A-K13-3ZXD-BAP5-TE
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Program_Files\HP\Digital Imaging\{2D250E57-9890-44a6-B08F-5C02C991EF24}\setup\hpznui01.exe" = D:\Program_Files\HP\Digital Imaging\{2D250E57-9890-44a6-B08F-5C02C991EF24}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"D:\Program_Files\HP\Digital Imaging\bin\hpofxm08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hposfx08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hposid01.exe" = D:\Program_Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpfcCopy.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"D:\Program_Files\HP\Digital Imaging\bin\hpzwiz01.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpoews01.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpiscnapp.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqsudi.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqpsapp.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpofxs08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqfxt08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
"D:\Program_Files\HP\Digital Imaging\bin\hpqpse.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\HP Software Update\hpwucli.exe" = D:\Program_Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"D:\Program_Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = D:\Program_Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"D:\Program_Files\HP\Digital Imaging\{2D250E57-9890-44a6-B08F-5C02C991EF24}\setup\hpznui01.exe" = D:\Program_Files\HP\Digital Imaging\{2D250E57-9890-44a6-B08F-5C02C991EF24}\setup\hpznui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"D:\Program_Files\HP\Digital Imaging\bin\hpofxm08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hposfx08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hposid01.exe" = D:\Program_Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpfcCopy.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"D:\Program_Files\HP\Digital Imaging\bin\hpzwiz01.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpoews01.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpiscnapp.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqsudi.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqpsapp.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpofxs08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqfxt08.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (TODO: <Company name>)
"D:\Program_Files\HP\Digital Imaging\bin\hpqpse.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"D:\Program_Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = D:\Program_Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"D:\Program_Files\HP\HP Software Update\hpwucli.exe" = D:\Program_Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"D:\Program_Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = D:\Program_Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015A0855-1EF5-4C77-93DB-8E2FC6A495B5}" = Microsoft Money 2003
"{02D5E8EE-0B08-4F2C-97D6-A400E77275FE}" = Microsoft Money 2003 System Pack
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{11107A2A-AD44-4BC8-ABB5-E88E63BCA785}" = Intel(R) Network Connections 14.8.43.0
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{141F2872-D2F9-4A89-95D3-E222D1CBCC56}" = Vz In Home Agent
"{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}" = Cisco Systems VPN Client 5.0.01.0600
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{17B66E83-1BC9-11D5-A54A-0090278A1BB8}" = Microsoft FrontPage Client - English
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19a5dd5e-9675-41ef-b02a-5bdb53fb5557}" = C309a
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{20610409-CA18-41A6-9E21-A93AE82EE7C5}" = Visual Studio .NET Professional 2003 - English
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2D250E57-9890-44a6-B08F-5C02C991EF24}" = HP Photosmart C309a All-In-One Driver Software 12.0 Rel .5
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1" = AML Free Registry Cleaner 4.21
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3744B641-61DE-417F-BCDC-9CCED4224DF8}" = LightScribe System Software
"{38D56396-298F-4874-B4EC-16B530B07879}" = HP Scanjet G4000 series 8.0
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{43C3D832-AC96-463A-2003-1B8D1BFA2523}" = Norton SystemWorks 2003
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57764780-E33B-11D1-96ED-00A024A83A15}" = Kensington MouseWorks
"{59FCBBA8-051C-4F56-8FBF-D45AE8080863}" = Complete CD Maker
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6B5D8CB6-0156-4B50-9DAA-618FF9FC18A6}" = Pinnacle InstantCD/DVD Suite
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{76B2BC31-2D96-4170-9C44-09E13B5555F3}" = Symantec Endpoint Protection
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{847CAE64-4CD2-4B2D-AF00-978FF5431033}" = Nero 7 Ultra Edition
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{87E91B85-9A4A-4B1E-930E-3429D146FEB3}" = ScannerCopy
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7259DDF-33BC-4E37-B3C9-41AA7AD988F6}" = TPM Device Driver
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BF90215F-2D7B-4C84-8A24-A03BC41B95DD}" = Rescue and Recovery - Client Security Solution
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1704101-D142-42A4-83E5-F938F13DBD94}" = hpg4000QFolder
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{d3c33f97-7936-4301-815f-2cf4ea5a467f}" = PS_AIO_05_C309_Software_Min
"{D44D97D9-919B-4A6D-ABE8-C84B3DD757A9}" = Hyperion Intelligence Client
"{D4D24FE5-FAB3-4FE2-AFFC-623955F4DF3A}" = Visual Studio.NET Baseline - English
"{D5A4CE1B-59ED-4D85-A3B2-6E0AFF448E4B}" = Diskeeper Lite
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkCentre
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{ECF27176-4815-4F75-98DC-3E5568166C97}" = Adobe Flash Player 9 Plugin
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD7F3626-80DE-4E99-A11D-0BFB4350A00C}" = hpG4000
"743EFCFE43C32543E0804C954858554E49909A4A" = Windows Driver Package - Hewlett-Packard Image (12/14/2009 13.0.0.61)
"8C4A0110061C7DE8FAF26F04E56574C95D322DC2" = Windows Driver Package - Winbond Electronics Corporation Winbond Trusted Platform Module (06/30/2005 5.1.47.2011)
"Acoustica CD/DVD Label Maker" = Acoustica CD/DVD Label Maker
"Acoustica Photos Forever" = Acoustica Photos Forever
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop v4.0" = Adobe Photoshop v4.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"AJB 6000 update" = AJB 6000 update
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Atomic Clock Sync" = Atomic Clock Sync
"AwayTask" = Maintenance Manager
"Canon BJC-3000 Deinstall" = Canon BJC-3000 Printer
"Canon SELPHY CP780" = Canon SELPHY CP780
"CANONBJ_Deinstall_CNMCP23.DLL" = Canon BJC-3000 (BJRSTR)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"FileZilla" = FileZilla (remove only)
"Geekbench 2.1" = Geekbench 2.1
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HP-LaserJet 1020 series" = LaserJet 1020 series
"HPOCR" = OCR Software by I.R.I.S. 12.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Installing HSP56 MicroModem Drivers" = HSP56 Modem Drivers
"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Mouse Suite
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero PhotoShow Express" = Nero PhotoShow Express
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton Speed Disk" = Norton Speed Disk 7.0 for Windows NT
"Norton Utilities" = Norton Utilities 2003 for Windows
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"RealPlayer 12.0" = RealPlayer
"Remove Multimedia Center" = Remove Multimedia Center
"ScanModule V5.1" = ScanModule V5.1
"SELPHY Photo Print" = Canon Utilities SELPHY Photo Print
"SELPHY Print Contents 100" = Canon Utilities SELPHY Print Contents 1.0.0
"TPP200" = USB Storage Adapter V2 (TPP)
"Verizon Help and Support" = Verizon Help and Support Tool
"Visual Studio .NET Professional 2003 - English" = Microsoft Visual Studio .NET Professional 2003 - English
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 3.1 beta4
"WinRAR archiver" = WinRAR archiver
"WM_Recorder_102" = WM Recorder + RM Recorder 10.21
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XLink/Win_is1" = XLink/Win Version 2.7b
"Zaurus Application Partner" = Zaurus Application Partner
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1694142536-3309553471-3260457264-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/10/2011 12:25:17 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/11/2011 1:27:18 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711754
Description = TruScan has generated an error: code 11: description: Whitelist Failure
Error - 1/11/2011 7:11:07 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/11/2011 7:11:25 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/13/2011 7:08:22 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/13/2011 7:08:22 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/14/2011 7:07:51 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/14/2011 7:07:51 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/16/2011 7:08:57 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/16/2011 7:08:58 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
[ Application Events ]
Error - 1/10/2011 12:25:17 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/11/2011 1:27:18 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711754
Description = TruScan has generated an error: code 11: description: Whitelist Failure
Error - 1/11/2011 7:11:07 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/11/2011 7:11:25 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/13/2011 7:08:22 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/13/2011 7:08:22 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/14/2011 7:07:51 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/14/2011 7:07:51 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/16/2011 7:08:57 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/16/2011 7:08:58 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
[ Application Events ]
Error - 1/10/2011 12:25:17 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/11/2011 1:27:18 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711754
Description = TruScan has generated an error: code 11: description: Whitelist Failure
Error - 1/11/2011 7:11:07 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/11/2011 7:11:25 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/13/2011 7:08:22 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/13/2011 7:08:22 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/14/2011 7:07:51 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/14/2011 7:07:51 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
Error - 1/16/2011 7:08:57 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711726
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine succeeded. Action Description: The file was quarantined
successfully.
Error - 1/16/2011 7:08:58 PM | Computer Name = LENOVO-D031BFEE | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled
scan. Action: Quarantine failed : Leave Alone failed. Action Description: The
file was deleted successfully.
[ System Events ]
Error - 1/17/2011 11:09:48 AM | Computer Name = LENOVO-D031BFEE | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 1/17/2011 11:09:48 AM | Computer Name = LENOVO-D031BFEE | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 1/17/2011 11:09:48 AM | Computer Name = LENOVO-D031BFEE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
Error - 1/17/2011 11:09:51 AM | Computer Name = LENOVO-D031BFEE | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 1/17/2011 11:09:51 AM | Computer Name = LENOVO-D031BFEE | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 1/17/2011 11:09:51 AM | Computer Name = LENOVO-D031BFEE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
Error - 1/17/2011 11:45:44 AM | Computer Name = LENOVO-D031BFEE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PCTEL Speaker Phone service
to connect.
Error - 1/17/2011 11:45:44 AM | Computer Name = LENOVO-D031BFEE | Source = Service Control Manager | ID = 7000
Description = The PCTEL Speaker Phone service failed to start due to the following
error: %%1053
Error - 1/17/2011 11:48:53 AM | Computer Name = LENOVO-D031BFEE | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 806e694f, parameter3
ad68f4b4, parameter4 00000000.
Error - 1/17/2011 6:03:55 PM | Computer Name = LENOVO-D031BFEE | Source = Print | ID = 6161
Description = The document
viewtopic.php?f=11&t=55370 owned by Jim Cargill failed to print on printer Canon BJC-3000 (BJRSTR). Data type:
NT EMF 1.008. Size of the spool file in bytes: 3407872. Number of bytes printed:
889736. Total number of pages in the document: 15. Number of pages printed: 3.
Client machine: \\LENOVO-D031BFEE. Win32 error code returned by the print processor:
122 (0x7a).
< End of report >
GMER to follow (it locked up my machine last time I tried to run it, so I'll send this stuff separately...