Askey127,
Thanks for helping with my problem.
I have HitmanPro installed and am using the 30-day trial,
as the old version I had running no longer updated.
It runs each morning on startup.
I was able to run rkill.exe. I have posted results from all 3 logs: first will be rkill, then otl.txt, and the final one will be extras.txt.
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 12/30/2011 at 12:16:54.
Operating System: Microsoft Windows XP
Processes terminated by Rkill or while it was running:
C:\Documents and Settings\Family\My Documents\Webroot\Washer\wwDisp.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Documents and Settings\Family\My Documents\Family's Files\Intellicast.exe
Rkill completed on 12/30/2011 at 12:17:07.
OTL.Txt
OTL logfile created on: 12/30/2011 12:22:16 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Family\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.98 Mb Total Physical Memory | 436.84 Mb Available Physical Memory | 42.70% Memory free
3.34 Gb Paging File | 2.67 Gb Available in Paging File | 79.70% Paging File free
Paging file location(s): C:\pagefile.sys 2500 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.47 Gb Total Space | 46.81 Gb Free Space | 64.59% Space Free | Partition Type: NTFS
Drive M: | 931.51 Gb Total Space | 798.02 Gb Free Space | 85.67% Space Free | Partition Type: NTFS
Computer Name: IBM-C8A9E96DF6F | User Name: Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/30 12:14:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Family\Desktop\OTL.exe
PRC - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\19.2.0.10\ccsvchst.exe
PRC - [2011/06/08 09:45:44 | 000,822,456 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2010/05/26 16:15:11 | 000,323,976 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/04/29 08:38:54 | 001,652,736 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2009/09/20 04:56:58 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 00:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006/02/10 06:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/04/20 10:34:12 | 000,487,936 | ---- | M] (Webroot Software, Inc.) -- C:\WINDOWS\system32\wwSecure.exe
PRC - [2004/02/06 21:56:14 | 000,041,025 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
PRC - [2002/06/07 14:54:54 | 000,090,112 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002/06/07 14:02:56 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002/05/03 12:36:24 | 001,118,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\NMSSvc.Exe
PRC - [2002/04/18 18:32:36 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\PROMon.exe
PRC - [1998/05/01 15:00:00 | 000,260,096 | ---- | M] (Palm Computing, Inc., a 3Com Company) -- C:\WorkPad\HOTSYNC.EXE
========== Modules (No Company Name) ==========
MOD - [2011/10/13 02:42:05 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_efeb1685\mscorlib.dll
MOD - [2011/10/13 02:41:59 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_9ac14dca\system.drawing.dll
MOD - [2011/10/12 20:24:02 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_622ebf64\system.xml.dll
MOD - [2011/10/12 20:23:37 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_66e38eb3\system.windows.forms.dll
MOD - [2011/10/12 20:22:55 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1f20dafb\system.dll
MOD - [2011/10/12 20:22:24 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2010/03/29 13:02:48 | 000,520,234 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2007/08/22 10:06:32 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2007/08/22 10:06:30 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2007/08/22 10:06:29 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2007/08/20 22:03:38 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2007/08/20 22:03:29 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2007/08/20 22:03:28 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2007/08/20 22:03:23 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2007/08/20 22:03:20 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2007/08/20 22:03:20 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2007/08/20 22:03:19 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2007/08/20 22:03:19 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2007/08/20 22:03:19 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2007/08/20 22:03:19 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2007/08/20 22:03:19 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2007/08/20 22:03:19 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2007/08/20 22:03:18 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2007/08/20 22:03:18 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2007/08/20 22:03:18 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2007/08/20 22:03:18 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2007/08/20 22:03:17 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2007/08/20 22:03:17 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2007/08/20 22:03:17 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2007/08/20 22:03:17 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2007/08/20 22:03:16 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2007/08/20 22:03:16 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2007/08/20 22:03:16 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2007/08/20 22:03:16 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2007/08/20 22:03:16 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2007/08/20 22:03:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2007/08/20 22:03:16 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2007/08/20 22:03:16 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2007/08/20 22:03:15 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2007/08/20 22:03:15 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2007/08/20 22:03:15 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2007/08/20 11:57:44 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2007/07/12 21:33:58 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2005/10/20 09:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/10/20 09:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/10 13:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe -- (NAV)
SRV - [2010/03/29 07:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [Disabled | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/08/09 00:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2005/04/20 10:34:12 | 000,487,936 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:\WINDOWS\system32\wwSecure.exe -- (wwSecSvc)
SRV - [2004/02/06 21:56:14 | 000,041,025 | ---- | M] (GEMTEKS) [Auto | Running] -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- (WLSVC)
SRV - [2002/06/07 14:02:56 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002/05/03 12:36:24 | 001,118,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\NMSSvc.Exe -- (NMSSvc) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2011/12/26 10:58:43 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20111230.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/12/26 10:58:43 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20111230.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/14 12:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20111221.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/09 03:59:44 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/09 03:59:44 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/10/24 10:59:48 | 000,127,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/10/21 14:31:56 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20111228.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/09/26 17:38:08 | 000,897,656 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1302000.00A\SYMEFA.SYS -- (SymEFA)
DRV - [2011/08/08 16:38:11 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1302000.00A\ccSetx86.sys -- (ccSet_NAV)
DRV - [2011/08/02 19:22:10 | 000,566,904 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1302000.00A\SRTSP.SYS -- (SRTSP)
DRV - [2011/08/02 19:22:10 | 000,031,864 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1302000.00A\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/07/25 19:18:39 | 000,387,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1302000.00A\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/07/25 19:18:36 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1302000.00A\SYMDS.SYS -- (SymDS)
DRV - [2011/07/25 19:15:51 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1302000.00A\Ironx86.SYS -- (SymIRON)
DRV - [2009/12/10 08:51:11 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/12/10 08:51:10 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/09/16 09:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/10/10 20:00:00 | 000,042,240 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2plms.sys -- (ser2plms)
DRV - [2007/04/26 08:23:44 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/04/26 08:23:08 | 000,267,520 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2007/04/26 08:23:04 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/04/21 07:15:42 | 000,009,344 | ---- | M] (Hajo Krabbenhöft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tenCapture.sys -- (tenCapture)
DRV - [2005/10/26 09:06:30 | 000,356,096 | R--- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61) Linksys Wireless-G PCI Adapter Driver(RT61)
DRV - [2003/04/19 02:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003/03/02 19:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2002/05/03 12:36:44 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/03/06 13:48:06 | 001,171,584 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.k99.com/
IE - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.eham.net/|http://www.arrl.org/|http://www.livingsocial.com/cities/209-boulder-county/more_deals|http://dailydeal.signonsandiego.com/|http://www.cbs8.com/|http://pmp.upickem.net/engine/Splash.aspx?contestid=28392|http://www.denverdailydeals.com/|http://denver.cbslocal.com/|http://www.kdvr.com/|http://www.thedenverchannel.com/index.html|http://minnesota.cbslocal.com/|http://www.mke-skywarn.org/|http://www.srh.noaa.gov/sju/|http://www.stormpulse.com/atlantic-map|http://myhurricane.net/|http://www.hwn.org/|http://www.caribbeancompass.com/shortwave.htm|http://www.stormcarib.com/|http://weather.caribseek.com/|http://www.mwxc.com/|http://www.archive.org/web/web.php"
FF - prefs.js..extensions.enabledItems: kodak-companion@mozilla.com:2.1
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.21
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.6
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.9
FF - prefs.js..extensions.enabledItems: {8E722C16-301F-43d7-A17D-3882AC67FAA5}:0.76.0
FF - prefs.js..extensions.enabledItems: {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.12
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.9.35
FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledItems: giorgio@gilestro.tk:1.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:3.0.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
FF - prefs.js..extensions.enabledItems: {7e46441b-b21a-4680-aa80-4cef03867ff3}:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@sun.com/npsopluginmi;version=1.0: C:\Program Files\OpenOffice.org 2.2\program File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2011/10/24 14:57:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/21 10:48:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/21 10:48:52 | 000,000,000 | ---D | M]
[2008/12/06 18:17:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Family\Application Data\Mozilla\Extensions
[2011/12/30 04:39:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions
[2011/12/08 12:37:04 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/12/17 15:24:54 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2011/08/25 10:27:28 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/05/04 15:33:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/01 02:48:52 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2011/12/18 10:30:10 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2011/07/14 09:13:17 | 000,000,000 | ---D | M] ("Boomerang for GMail") -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}
[2011/12/19 10:49:45 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{7e46441b-b21a-4680-aa80-4cef03867ff3}
[2011/07/19 03:44:14 | 000,000,000 | ---D | M] (N0HR Propfire) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{8E722C16-301F-43d7-A17D-3882AC67FAA5}
[2011/06/20 09:02:55 | 000,000,000 | ---D | M] (Sage) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}
[2011/07/13 15:18:58 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2011/11/05 18:15:18 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/01/09 05:52:38 | 000,000,000 | ---D | M] (Wizz RSS News Reader) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{D5EDC062-A372-4936-B782-BD611DD18D86}
[2010/11/27 08:41:55 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
[2010/03/23 15:27:45 | 000,000,000 | ---D | M] (BlockSite) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/10/17 08:55:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/06/26 06:08:47 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/04/23 14:27:37 | 000,000,000 | ---D | M] (Imgur Uploader) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\giorgio@gilestro.tk
[2008/03/19 09:04:36 | 000,000,000 | ---D | M] (Ivy Video Converter Extension) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\ivy@ipodsoft.com.txt
[2011/03/30 08:20:30 | 000,000,000 | ---D | M] (Kodak EasyShare Gallery Companion) -- C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\cqobbvtn.default\extensions\kodak-companion@mozilla.com
[2011/12/30 04:39:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/04 10:12:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/06/06 03:44:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/10/24 14:57:16 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPLGN
[2011/06/04 10:12:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/10/12 14:05:29 | 001,650,688 | ---- | M] (Oklahoma Climatological Survey) -- C:\Program Files\mozilla firefox\plugins\NPWXM32.DLL
[2008/12/01 09:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\comcast.xml
O1 HOSTS File: ([2010/05/26 12:46:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (VERITAS Software, Inc.)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.2.0.10\ips\ipsbho.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..\Toolbar\ShellBrowser: (no name) - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - No CLSID value found.
O3 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..\Toolbar\WebBrowser: (no name) - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - No CLSID value found.
O3 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\irprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PROMon.exe] C:\WINDOWS\System32\PROMon.exe (Intel Corporation)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StorageGuard] C:\Program Files\VERITAS Software\Update Manager\sgtray.exe (VERITAS Software, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004..\Run: [Window Washer] C:\Documents and Settings\Family\My Documents\Webroot\Washer\wwDisp.exe (Webroot Software)
O4 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004..\RunOnce: [Index Washer] C:\Documents and Settings\Family\My Documents\Webroot\Washer\WashIdx.exe (Webroot Software, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\WorkPad\HOTSYNC.EXE (Palm Computing, Inc., a 3Com Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3789102929-1987578796-2449752138-1004\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes
file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java
file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C5A9D9B-7E07-4746-A2AA-F32E40242454}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\junomsg {C4D10830-379D-11d4-9B2D-00C04F1579A5} - C:\Program Files\Juno\bin\jmsgpph.dll (Juno Online Services, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Family\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/20 09:26:20 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3c3f3ff6-4f4e-11dc-a8e7-00096b3affc0}\Shell - "" = AutoRun
O33 - MountPoints2\{3c3f3ff6-4f4e-11dc-a8e7-00096b3affc0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3c3f3ff6-4f4e-11dc-a8e7-00096b3affc0}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{9883668c-ad97-11dc-a992-00096b3affc0}\Shell - "" = AutoRun
O33 - MountPoints2\{9883668c-ad97-11dc-a992-00096b3affc0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9883668c-ad97-11dc-a992-00096b3affc0}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/30 12:14:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Family\Desktop\OTL.exe
[2011/12/28 10:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Family\Start Menu\Programs\HiJackThis
[2011/12/24 07:28:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/12/24 07:28:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/12/24 07:28:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Family\My Documents\My Videos
[2011/12/24 07:28:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/12/14 20:39:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Family\Recent
[1996/11/18 22:15:46 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\implode.dll
========== Files - Modified Within 30 Days ==========
[2011/12/30 12:14:29 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\rkill.exe
[2011/12/30 12:14:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Family\Desktop\OTL.exe
[2011/12/30 04:02:59 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/12/30 04:01:20 | 000,004,598 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/12/30 03:47:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/30 03:47:36 | 1072,746,496 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/27 09:02:03 | 000,128,000 | ---- | M] () -- C:\Documents and Settings\Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/26 10:46:34 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/22 10:10:13 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/12/21 04:49:59 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Family\Application Data\af6cc3b0
[2011/12/21 04:49:54 | 000,001,202 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2011/12/21 04:39:06 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\Family\Desktop\Shortcut to HitmanPro35.exe.lnk
[2011/12/20 18:17:17 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Family\Application Data\4fb13c4f
[2011/12/20 17:03:47 | 000,007,455 | ---- | M] () -- C:\Documents and Settings\Family\Application Data\5814b44a
[2011/12/17 08:11:29 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/15 20:31:13 | 000,485,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 12:31:22 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/14 20:39:56 | 000,000,533 | ---- | M] () -- C:\WINDOWS\JUNO.INI
[2011/12/14 03:43:08 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Weather Channel Desktop .lnk
[2011/12/10 06:56:36 | 000,000,018 | ---- | M] () -- C:\Documents and Settings\Family\My Documents\Intellicast.ini
[2011/11/30 12:39:10 | 000,015,989 | ---- | M] () -- C:\Documents and Settings\Family\My Documents\OutStandingChecks.ods
========== Files Created - No Company Name ==========
[2011/12/30 12:14:33 | 001,008,141 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\rkill.exe
[2011/12/21 04:49:54 | 000,001,202 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2011/12/21 04:39:05 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\Family\Desktop\Shortcut to HitmanPro35.exe.lnk
[2011/12/19 11:12:06 | 000,007,455 | ---- | C] () -- C:\Documents and Settings\Family\Application Data\5814b44a
[2011/12/19 10:50:15 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Family\Application Data\4fb13c4f
[2011/12/19 10:50:09 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Family\Application Data\af6cc3b0
[2011/06/09 03:39:43 | 000,410,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3789102929-1987578796-2449752138-1004-0.dat
[2011/06/08 21:02:58 | 000,410,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/05/26 12:13:32 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/26 12:13:32 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/26 12:13:32 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/26 12:13:32 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/26 12:13:32 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/25 11:10:27 | 000,128,000 | ---- | C] () -- C:\Documents and Settings\Family\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/25 02:32:53 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Family\Local Settings\Application Data\fusioncache.dat
[2010/05/18 11:50:34 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2009/06/19 15:02:57 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/01/12 16:13:04 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\pdwindows20.bin
[2009/01/12 16:07:32 | 000,073,216 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01.exe
[2008/07/25 10:51:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/07/21 11:39:29 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/06/05 15:52:00 | 000,000,401 | ---- | C] () -- C:\Documents and Settings\Family\Application Data\WeatherScopePrefs.xml
[2008/04/17 07:57:55 | 000,096,577 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008/02/23 14:44:27 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2008/02/13 09:08:08 | 000,000,220 | ---- | C] () -- C:\WINDOWS\klingfu.ini
[2008/01/18 09:22:30 | 000,000,076 | ---- | C] () -- C:\WINDOWS\Yaesu.ini
[2008/01/11 15:06:31 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2008/01/11 15:06:30 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2007/11/14 15:33:35 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/13 11:01:51 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2007/10/24 14:52:16 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007/09/21 08:49:49 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/10 10:37:41 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/08/30 08:43:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/20 22:17:12 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/08/20 22:13:30 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007/08/20 21:54:04 | 000,117,121 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2007/08/20 21:51:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/08/20 21:49:48 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2007/08/20 17:40:26 | 000,001,156 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/08/20 11:33:32 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2007/08/20 10:15:23 | 000,004,704 | ---- | C] () -- C:\WINDOWS\psdxport.ini
[2007/08/20 10:15:23 | 000,000,054 | ---- | C] () -- C:\WINDOWS\psdewin.ini
[2007/08/20 10:15:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/08/20 10:07:44 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2007/08/20 10:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2007/08/20 10:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2007/08/20 10:06:07 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2007/08/20 10:06:05 | 000,007,102 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2007/08/20 10:05:33 | 000,001,001 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/08/20 09:44:47 | 000,000,533 | ---- | C] () -- C:\WINDOWS\JUNO.INI
[2007/08/20 09:26:14 | 000,003,745 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2007/08/20 09:26:14 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2007/08/20 09:18:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/08/20 09:16:49 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/08/20 09:16:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2007/08/20 09:15:40 | 000,000,222 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2007/08/20 09:11:17 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2007/08/20 09:04:52 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/03/05 12:34:28 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/04/01 12:08:25 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\hamcal32.dll
[2005/12/12 14:18:54 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\winkeyVB.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/07/12 04:51:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\inpout32.dll
[2002/09/24 09:29:46 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/09/23 17:42:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/09/23 17:36:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/23 17:31:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/23 17:30:26 | 000,485,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/17 11:34:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/03/26 09:36:48 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\PROInst.dll
[2002/03/04 11:07:44 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\QRZ32.DLL
[2002/02/14 16:14:36 | 000,000,010 | ---- | C] () -- C:\WINDOWS\Launcher.ini
[2002/02/06 09:04:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NMSInst.dll
[2002/01/10 14:55:22 | 000,004,010 | ---- | C] () -- C:\WINDOWS\System32\egathdrv.sys
[2001/08/31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[2001/08/23 07:26:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2001/08/23 07:24:30 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/06/08 15:54:30 | 000,003,478 | ---- | C] () -- C:\WINDOWS\translat.ini
[1999/04/21 16:53:40 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\agwdll32.dll
[1998/05/31 00:00:00 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\CO2C40EN.DLL
[1996/11/18 23:15:52 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\p2sodbc.dll
[1996/11/18 23:15:50 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\p2irdao.dll
[1996/11/18 23:15:50 | 000,050,176 | ---- | C] () -- C:\WINDOWS\System32\p2ctdao.dll
[1996/11/18 23:15:50 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\p2bbnd.dll
[1980/01/01 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1980/01/01 00:00:00 | 000,482,000 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980/01/01 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1980/01/01 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1980/01/01 00:00:00 | 000,079,948 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980/01/01 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1980/01/01 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1980/01/01 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1980/01/01 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2007/08/20 09:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VERITAS
[2011/10/24 10:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CenturyLink
[2011/12/21 04:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2008/04/22 09:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2010/04/24 19:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RT Systems
[2010/05/27 12:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/06/26 14:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/25 07:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Update
[2007/08/20 09:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\VERITAS
[2007/09/20 10:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Audacity
[2011/05/06 19:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\butel
[2011/05/06 19:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\butelsoap
[2009/06/20 13:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\CallingID
[2009/06/20 19:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\comcasttb
[2009/12/27 15:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\FileZilla
[2011/06/08 18:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\GARMIN
[2009/06/26 14:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\GRLevel3
[2011/11/04 08:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Image Zone Express
[2008/04/22 09:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Individual Software
[2008/03/05 15:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\OfficeUpdate12
[2009/03/04 17:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\OpenOffice.org
[2011/04/03 11:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\PCHC
[2007/09/05 07:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Printer Info Cache
[2011/05/06 19:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Radioshack
[2010/04/24 19:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\RT Systems
[2007/08/20 09:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\VERITAS
[2009/04/03 17:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Walgreens
[2010/05/28 03:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\WeatherBug
[2008/06/05 15:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\Weathersoft
[2010/05/28 11:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family\Application Data\WinPatrol
========== Purity Check ==========
< End of report >
Extras.txt
OTL Extras logfile created on: 12/30/2011 12:22:16 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Family\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.98 Mb Total Physical Memory | 436.84 Mb Available Physical Memory | 42.70% Memory free
3.34 Gb Paging File | 2.67 Gb Available in Paging File | 79.70% Paging File free
Paging file location(s): C:\pagefile.sys 2500 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 72.47 Gb Total Space | 46.81 Gb Free Space | 64.59% Space Free | Partition Type: NTFS
Drive M: | 931.51 Gb Total Space | 798.02 Gb Free Space | 85.67% Space Free | Partition Type: NTFS
Computer Name: IBM-C8A9E96DF6F | User Name: Family | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-3789102929-1987578796-2449752138-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9420:TCP" = 9420:TCP:*:Disabled:Red Swoosh
"5000:UDP" = 5000:UDP:*:Disabled:Red Swoosh
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\Juno\bin\juno.exe" = C:\Program Files\Juno\bin\juno.exe:*:Enabled:Juno -- (Juno Online Services, Inc.)
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01A4AEDE-F219-49A2-B855-16A016EAF9A4}" = Intel(R) PROSet II
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = IBM RecordNow Update Manager
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{10CA63B1-DEF1-4718-A122-268486A6EF66}" = MCP-2A (Remove only)
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{11D696C6-0A0C-499A-B431-6190F9DC1904}" = Juno
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = IBM DLA
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{25B052BB-7126-4412-99D9-3D9448235FE4}" = WeatherBug
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{2F0200C6-9ACB-49F3-BC33-5BE9AA682D9F}" = MapSend Lite
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{31C2FBAC-67CF-4093-8F36-15A146613747}" = IBM Update Connector
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B7B3B4A-AF8C-4671-A92E-3E7E9ABCB22B}" = IBM Rapid Restore PC Setup
"{3BEBC95D-FDBA-480B-93E8-9B4E9E41733C}" = MapSend Topo 3D USA
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54FC2173-BF6C-45B9-A7F8-304FA966A856}" = Infuzer
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{692854CC-97EF-4307-B787-8C6787B91033}" = Nero 7 Ultra Edition
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{73ACFCD5-4CA0-4404-8A50-009942DE70AB}" = Intellicast Desktop
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7CF0CEC0-9255-11DE-72AE-004FDD832CD6}" = VX-3 Programmer
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8214CC02-6271-4DC8-B8DD-779933450264}" = IBM RecordNow
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8F018A9E-56DE-4A79-A5EF-25F413F1D538}" = WeatherBug
"{90120409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{92A40DC2-0ECD-4602-A79E-1DC53545C6EE}" = eXplorist Wizard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A729A100-89D9-11DE-5F90-014CDBA56952}" = FT-2800 Programmer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B5599ECB-DA72-43EE-8A30-2C80396FF8BB}" = Access IBM
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B8726461-A7C6-4628-A67C-FE5FC5FB3E9F}" = Software for Scanners
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = CenturyLink Installer
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"4F78800C27D21D26846270C48AB3F715E9AF951D" = Windows Driver Package - RT Systems RT CDM Driver Package (10/22/2009 2.06.00)
"78283BA5291E464B5A994D7D58F8ADDE2A74A72A" = Windows Driver Package - Prolific (ser2plms) Ports (04/28/2004 2.0.0.18)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Data Management System for the FT-1500" = Advanced Data Management System for the FT-1500
"Audacity_is1" = Audacity 1.2.6
"AXIS Media Control" = AXIS Media Control
"BadCopy Pro" = BadCopy Pro
"BB27EF884AC49AEB19DFBD5B1680604E70B871BB" = Windows Driver Package - RT Systems RT CDM Driver Package (10/22/2009 2.06.00)
"CNXT_MODEM_PCI_HSF" = PCI SoftV92 Modem
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Deluo GPS Diagnostics" = Deluo GPS Diagnostics
"FileZilla Client" = FileZilla Client 3.3.0.1
"HijackThis" = HijackThis 2.0.2
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ie8" = Windows Internet Explorer 8
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MouseSuite98" = Mouse Suite
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"NAV" = Norton AntiVirus
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"PROSet" = Intel(R) Network Connections Drivers
"RealPlayer 12.0" = RealPlayer
"ResumeMaker Professional" = ResumeMaker Professional
"Shop for HP Supplies" = Shop for HP Supplies
"ST6UNST #1" = TravelPlus for Repeaters 11.0
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"W6ELProp" = W6ELProp
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Window Washer" = Window Washer
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPatrol" = WinPatrol 2010
"WinRAR archiver" = WinRAR archiver
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YTdetect" = Yahoo! Detect
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/31/2011 5:46:56 AM | Computer Name = IBM-C8A9E96DF6F | Source = Application Hang | ID = 1002
Description = Hanging application Weather.exe, version 6.8.0.8, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/14/2011 10:26:29 PM | Computer Name = IBM-C8A9E96DF6F | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module , version 0.0.0.0, fault address 0x00000000.
Error - 11/16/2011 7:19:42 PM | Computer Name = IBM-C8A9E96DF6F | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 12/5/2011 6:41:58 AM | Computer Name = IBM-C8A9E96DF6F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 12/5/2011 6:41:59 AM | Computer Name = IBM-C8A9E96DF6F | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 12/19/2011 2:08:38 PM | Computer Name = IBM-C8A9E96DF6F | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x715b9e59.
Error - 12/19/2011 2:09:00 PM | Computer Name = IBM-C8A9E96DF6F | Source = Application Error | ID = 1001
Description = Fault bucket 1597773430.
Error - 12/19/2011 2:09:18 PM | Computer Name = IBM-C8A9E96DF6F | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x715b9e59.
Error - 12/19/2011 2:09:36 PM | Computer Name = IBM-C8A9E96DF6F | Source = Application Error | ID = 1001
Description = Fault bucket 1597773430.
Error - 12/27/2011 3:36:26 PM | Computer Name = IBM-C8A9E96DF6F | Source = wwSecure.exe | ID = 0
Description =
[ System Events ]
Error - 12/29/2011 6:40:18 AM | Computer Name = IBM-C8A9E96DF6F | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
Error - 12/30/2011 6:49:11 AM | Computer Name = IBM-C8A9E96DF6F | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126
< End of report >