Hi,

I recently got a virus/malware and turned to the usually trusty MBAM, but when I try to run Full Scan, I get the BSOD and a message saying that I have a HDD Hard Error such that I am unable to boot my system. When I hit "retry", I'm told that there is no bootable disk, and in order to get my computer to load up, I have to turn the computer off then back on. After that, it will boot okay. I was able to run MBAM Quick Scan and will paste the log file below, but have since re-run my anti-virus program (Avast) and discovered another infection (hence my wanting to run a Full Scan with MBAM). Any ideas? Thanks in advance.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6504

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

5/4/2011 3:54:42 PM

mbam-log-2011-05-04 (15-54-42).txt

Scan type: Quick scan

Objects scanned: 193249

Time elapsed: 10 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Backdoor.Gen) -> Value: conhost -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\documents and settings\AJ\application data\microsoft\conhost.exe (Trojan.Backdoor.Gen) -> Quarantined and deleted successfully.

c:\documents and settings\AJ\local settings\Temp\ms0cfg32.exe (Trojan.Backdoor.Gen) -> Quarantined and deleted successfully.

My Avast log reports the following:

Full system scan 5/4/2011 11:55:06 AM no virus found

Quick scan 5/4/2011 04:42:50 PM virus found: Win32-Cycbot-DI [Trj]

Boot-time scan 5/4/2011 07:39:24 PM no virus found

One other note...I use Firefox and after using MBAM quick scan and Avast, was still being automatically directed to a proxy server upon running the browser, but I uninstalled the Xmarks add-on and Firefox then allowed me to change my proxy settings to none. I reinstalled the Xmarks add-on and all seems to be running fine now. Just wanted to throw that tidbit in there in case it was helpful.


Hello and welcome.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


Hello Elise,

Thanks for the response. I disabled Avast shields per your link and disabled my internet connection, but still DDS freezes the computer around 70% complete every time I run it. Every time I restart, which I have to do by manually holding down the power button and then turning the power back on, it takes about 15 minutes for everything to load back up, but I need my computer for work at the moment, so I can't keep trying the scan and having to reboot. Any ideas or other things I need to disable?

Thank you.


In that case, please try this.

OTL

-----

Please download OTL from one of the following mirrors:

  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
      • OTL.txt <-- Will be opened
      • Extra.txt <-- Will be minimized


OTL logfile created on: 5/6/2011 11:47:54 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\AJ\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 31.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 18.59 Gb Total Space | 0.17 Gb Free Space | 0.91% Space Free | Partition Type: NTFS

Drive D: | 18.59 Gb Total Space | 0.96 Gb Free Space | 5.15% Space Free | Partition Type: NTFS

Computer Name: LAPPY | User Name: AJ | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/06 23:46:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AJ\Desktop\OTL.exe

PRC - [2011/04/30 22:06:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011/04/18 12:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/04/18 12:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2011/01/21 14:03:40 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

PRC - [2010/06/21 09:11:03 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

PRC - [2010/06/02 19:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/03/31 14:12:55 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1151198675\EE\aolsoftware.exe

PRC - [2009/07/06 20:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

PRC - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- D:\Program Files for D\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/05/21 03:37:00 | 000,124,512 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

PRC - [2005/10/14 00:00:00 | 000,671,744 | ---- | M] (brother) -- C:\Program Files\Brownie\BrStsWnd.exe

PRC - [2005/07/15 16:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe

PRC - [2004/09/13 11:33:20 | 000,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe

PRC - [2004/08/19 09:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe

PRC - [2004/02/26 12:00:52 | 000,061,440 | ---- | M] (Novell, Inc.) -- C:\WINDOWS\system32\Novell\xtagent.exe

PRC - [2001/08/22 09:46:02 | 000,217,088 | ---- | M] (Dell Computer Corporation) -- C:\DMI\WIN32\bin\DellDmi.exe

PRC - [2001/08/22 09:45:42 | 000,131,072 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\DLT.exe

PRC - [2001/08/22 09:45:36 | 000,147,456 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\EventAgt.exe

PRC - [2001/08/22 09:45:26 | 000,118,784 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe

PRC - [2001/08/22 09:45:20 | 000,155,648 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe

PRC - [2001/06/18 14:21:30 | 000,249,344 | ---- | M] (Intel) -- C:\DMI\WIN32\bin\Win32sl.exe

========== Modules (SafeList) ==========

MOD - [2011/05/06 23:46:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AJ\Desktop\OTL.exe

MOD - [2011/04/18 12:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll

MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2004/03/29 13:11:52 | 000,061,440 | ---- | M] (Altiris Inc.) -- C:\WINDOWS\system32\AMInit.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/05 06:41:16 | 003,274,328 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_3f211bc.dll -- (Akamai)

SRV - [2011/04/18 12:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/06/21 09:11:03 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®

SRV - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- D:\Program Files for D\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)

SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)

SRV - [2004/02/26 12:00:52 | 000,061,440 | ---- | M] (Novell, Inc.) [On_Demand | Running] -- C:\WINDOWS\system32\Novell\xtagent.exe -- (XTAgent)

SRV - [2001/08/22 09:46:02 | 000,217,088 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\DMI\WIN32\bin\DellDmi.exe -- (DellDmi)

SRV - [2001/08/22 09:45:42 | 000,131,072 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\DLT.exe -- (DLT)

SRV - [2001/08/22 09:45:36 | 000,147,456 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\EventAgt.exe -- (DEventAgent)

SRV - [2001/08/22 09:45:26 | 000,118,784 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe -- (ActionAgent)

SRV - [2001/08/22 09:45:20 | 000,155,648 | ---- | M] (Dell Computer Corporation) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)

SRV - [2001/06/18 14:21:30 | 000,249,344 | ---- | M] (Intel) [Auto | Running] -- C:\DMI\WIN32\bin\Win32sl.exe -- (Win32Sl)

========== Driver Services (SafeList) ==========

DRV - [2011/04/18 12:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/04/18 12:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/04/18 12:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/04/18 12:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2011/04/18 12:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/04/18 12:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011/04/18 12:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2008/12/30 12:36:20 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)

DRV - [2008/12/30 12:36:20 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2005/07/06 22:02:18 | 001,132,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005/05/26 16:42:00 | 000,376,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)

DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)

DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2005/03/10 16:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)

DRV - [2005/02/08 11:27:00 | 000,005,185 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)

DRV - [2004/11/16 10:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)

DRV - [2004/08/23 14:49:30 | 000,121,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

DRV - [2004/05/03 16:26:16 | 000,080,384 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)

DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - [2002/07/17 07:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)

DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)

DRV - [2000/07/24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gmail.com/

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: amznUWL@amazon.com:2.12

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7

FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1

FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.8

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..network.proxy.no_proxies_on: ""

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/31 14:14:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2010/09/20 17:31:41 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/21 08:57:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/05/04 16:21:46 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 22:06:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/28 16:34:28 | 000,000,000 | ---D | M]

[2010/12/02 14:35:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\AJ\Application Data\Mozilla\Extensions

[2010/12/02 14:35:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\AJ\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011/05/04 20:48:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\AJ\Application Data\Mozilla\Firefox\Profiles\rfqahnb2.default\extensions

[2010/05/05 17:13:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\AJ\Application Data\Mozilla\Firefox\Profiles\rfqahnb2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/03/10 15:09:45 | 000,000,000 | ---D | M] ("Amazon Toolbar") -- C:\Documents and Settings\AJ\Application Data\Mozilla\Firefox\Profiles\rfqahnb2.default\extensions\amznUWL@amazon.com

[2011/05/04 20:48:44 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\AJ\Application Data\Mozilla\Firefox\Profiles\rfqahnb2.default\extensions\foxmarks@kei.com

[2011/04/09 15:14:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/26 08:16:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

File not found (No name found) --

[2009/10/25 13:55:17 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\AJ\APPLICATION DATA\MOVE NETWORKS

() (No name found) -- C:\DOCUMENTS AND SETTINGS\AJ\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RFQAHNB2.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI

[2011/05/04 16:21:46 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF

[2010/04/26 08:16:30 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/04/30 22:06:10 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

[2010/04/26 08:16:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

[2011/04/13 14:57:47 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2008/01/13 10:47:44 | 000,000,762 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 192.168.1.2 HP0017A478CA03

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.

O3 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Program Files for D\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (America Online)

O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151198675\EE\aolsoftware.exe (AOL Inc.)

O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [updateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1

O7 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0

O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found

O15 - HKLM\..Trusted Domains: ochsner.org ([]* in Local intranet)

O15 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\..Trusted Domains: ochsner.org ([]* in Local intranet)

O15 - HKU\S-1-5-21-2960389209-2186280164-2123856284-1022\..Trusted Domains: usaa.com ([www] https in Trusted sites)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122667606546 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162314237703 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://kronos/WFC/plugins/j2re-1_3_1_02-win.exe (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.4.1/jinstall-1_4_1_01-windows-i586.cab (Java Plug-in 1.4.1_01)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O20 - AppInit_DLLs: (AMInit.dll) - C:\WINDOWS\System32\AMInit.dll (Altiris Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\NetIdentity Notification: DllName - C:\WINDOWS\System32\Novell\XtNotify.dll - C:\WINDOWS\system32\Novell\xtnotify.dll (Novell, Inc.)

O24 - Desktop WallPaper: D:\AJ\Photoshop\Taz and friends - misc. pics\Taz pictures for wall\DSCF0877.bmp

O24 - Desktop BackupWallPaper: D:\AJ\Photoshop\Taz and friends - misc. pics\Taz pictures for wall\DSCF0877.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/07/29 13:37:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{73209287-76f5-11dd-bcd9-00038a000015}\Shell\AutoRun\command - "" = WDSetup.exe

O33 - MountPoints2\{9f6d4519-ca51-11de-bd3d-0014a58e2645}\Shell\AutoRun\command - "" = F:\setup.exe

O33 - MountPoints2\{d449fef8-a147-11de-bd36-00038a000015}\Shell\AutoRun\command - "" = WDSetup.exe

O33 - MountPoints2\{d4969e2e-2306-11e0-bd82-00038a000015}\Shell - "" = AutoRun

O33 - MountPoints2\{d4969e2e-2306-11e0-bd82-00038a000015}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{d4969e2e-2306-11e0-bd82-00038a000015}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/06 15:54:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\AJ\Desktop\OTL.exe

[2011/04/21 11:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2011/04/21 11:07:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/04/21 11:06:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/04/21 10:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/04/09 10:34:53 | 000,058,696 | ---- | C] (AOL Inc.) -- C:\WINDOWS\System32\AOLParconLink.exe

[2011/04/09 10:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL OCP

[2011/04/09 10:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Desktop 9.6

[2008/05/17 20:58:09 | 000,382,352 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-6u6-windows-i586-p-iftw.exe

[2008/05/17 11:05:54 | 000,642,540 | ---- | C] (Xvid team ) -- C:\Program Files\Xvid-1.1.3-27042008.exe

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/06 23:46:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AJ\Desktop\OTL.exe

[2011/05/06 23:31:11 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/05/06 18:24:02 | 000,000,174 | ---- | M] () -- C:\WINDOWS\Brownie.ini

[2011/05/06 18:23:37 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\AJ\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk

[2011/05/06 13:44:10 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/05/06 13:43:58 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2960389209-2186280164-2123856284-1022.job

[2011/05/06 13:43:57 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/05/06 13:42:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/05/06 13:42:45 | 2146,885,632 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/06 06:30:43 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\AJ\Desktop\dds.scr

[2011/05/05 09:21:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/05/04 16:21:51 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/05/04 10:42:45 | 000,005,636 | ---- | M] () -- C:\Documents and Settings\AJ\Application Data\C732.A2B

[2011/05/03 12:18:26 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2960389209-2186280164-2123856284-1022.job

[2011/04/29 15:46:42 | 000,000,837 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI

[2011/04/27 14:34:05 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\AJ\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk

[2011/04/27 14:33:42 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\AJ\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2011/04/21 22:33:38 | 000,020,583 | ---- | M] () -- C:\Documents and Settings\AJ\Desktop\Zombie Spiderman head.JPG

[2011/04/21 11:11:21 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/04/18 12:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/04/18 12:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/04/18 12:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/04/18 12:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/04/18 12:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/04/18 12:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/04/18 12:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/04/18 12:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/04/18 12:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/04/18 12:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/04/16 22:24:26 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\AJ\Desktop\Firefox Sync Key.html

[2011/04/16 07:39:53 | 000,243,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/04/16 07:35:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/04/15 08:22:42 | 000,463,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/04/15 08:22:42 | 000,078,964 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/04/09 10:36:40 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\AJ\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.6.lnk

[2011/04/09 10:36:38 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AOL Desktop 9.6.lnk

[2011/04/08 15:18:40 | 003,402,033 | ---- | M] () -- C:\Documents and Settings\AJ\Desktop\I Will Survive.mp3

[2011/04/08 09:44:56 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk

[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/06 06:30:36 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\AJ\Desktop\dds.scr

[2011/05/04 11:43:14 | 2146,885,632 | -HS- | C] () -- C:\hiberfil.sys

[2011/05/04 10:36:41 | 000,005,636 | ---- | C] () -- C:\Documents and Settings\AJ\Application Data\C732.A2B

[2011/04/28 16:34:28 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk

[2011/04/21 22:33:29 | 000,020,583 | ---- | C] () -- C:\Documents and Settings\AJ\Desktop\Zombie Spiderman head.JPG

[2011/04/21 11:11:21 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2011/04/16 22:24:12 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\AJ\Desktop\Firefox Sync Key.html

[2011/04/13 14:58:22 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2011/04/09 10:36:40 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\AJ\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.6.lnk

[2011/04/08 15:18:15 | 003,402,033 | ---- | C] () -- C:\Documents and Settings\AJ\Desktop\I Will Survive.mp3

[2011/04/08 09:44:56 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Amazon Cloud Player.lnk

[2010/09/23 12:06:21 | 000,003,111 | ---- | C] () -- C:\WINDOWS\hpwmdl05.dat.temp

[2010/03/26 19:13:22 | 000,047,304 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2010/03/17 19:27:22 | 007,888,118 | ---- | C] () -- C:\Program Files\pqdvd_ipod.exe

[2010/02/11 13:38:48 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2010/01/11 15:40:14 | 000,001,911 | ---- | C] () -- C:\WINDOWS\opera.ini

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe

[2009/07/13 18:17:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/06/11 20:04:47 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf07a.dat

[2009/04/24 23:04:17 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\AJ\Application Data\Final Draft Tagger Preferences

[2009/04/06 14:17:59 | 000,000,025 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\.119889580931711767808769176

[2009/03/27 19:33:20 | 000,000,169 | ---- | C] () -- C:\WINDOWS\PDFWatermark.ini

[2009/03/19 19:42:15 | 001,047,072 | ---- | C] () -- C:\Program Files\MoveMediaPlayer_071303000006.exe

[2009/03/17 10:58:29 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\AJ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/03/04 15:14:02 | 000,000,158 | ---- | C] () -- C:\WINDOWS\ricdb.ini

[2009/03/02 15:13:27 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI

[2008/09/16 16:35:55 | 000,000,110 | ---- | C] () -- C:\WINDOWS\System32\BD5280DW.DAT

[2008/09/16 16:10:38 | 000,000,174 | ---- | C] () -- C:\WINDOWS\Brownie.ini

[2008/09/16 16:10:38 | 000,000,147 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI

[2008/09/16 16:10:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini

[2008/09/16 16:10:24 | 000,014,441 | ---- | C] () -- C:\WINDOWS\HL-5280DW.INI

[2008/09/16 16:09:33 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\PtrcENG.dll

[2008/06/04 17:53:16 | 000,002,168 | ---- | C] () -- C:\WINDOWS\wincode.ini

[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin

[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin

[2008/05/17 11:12:00 | 000,899,414 | ---- | C] () -- C:\Program Files\SetupDVDDecrypter_3.5.4.0.exe

[2008/05/09 11:47:42 | 000,000,837 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2008/05/09 11:46:15 | 000,000,225 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini

[2008/05/09 11:46:15 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini

[2008/05/09 11:44:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL

[2008/05/09 11:44:51 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI

[2008/05/09 11:44:13 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll

[2008/05/08 19:04:45 | 000,014,294 | ---- | C] () -- C:\Program Files\settings.dat

[2008/05/08 17:53:22 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\AJ\Local Settings\Application Data\fusioncache.dat

[2008/05/08 17:52:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\AJ\Application Data\dm.ini

[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2007/05/28 10:09:33 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2007/05/12 09:49:57 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2006/11/04 16:48:50 | 000,000,160 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini

[2006/11/04 16:37:23 | 000,000,685 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini

[2006/11/04 16:33:13 | 000,117,092 | ---- | C] () -- C:\WINDOWS\hpoins11.dat

[2006/10/31 12:22:58 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/07/09 17:57:11 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT

[2006/06/24 20:56:29 | 001,789,614 | ---- | C] () -- C:\Program Files\Setup15.exe

[2006/06/24 20:24:10 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2006/06/24 20:21:17 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini

[2006/05/05 16:18:56 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat

[2005/12/05 12:20:10 | 000,007,363 | ---- | C] () -- C:\WINDOWS\cfgall.ini

[2005/12/05 11:37:00 | 000,176,152 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll

[2005/12/01 17:57:21 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\AeXSystemPerformance.dll

[2005/08/08 10:45:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/08/01 14:19:13 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat

[2005/08/01 13:24:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/08/01 11:34:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe

[2005/08/01 11:34:41 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE

[2005/08/01 09:41:50 | 000,000,873 | ---- | C] () -- C:\WINDOWS\DKAAJ2DD.ini

[2005/08/01 09:41:14 | 000,001,364 | ---- | C] () -- C:\WINDOWS\DKAAG2DD.ini

[2005/08/01 09:40:29 | 000,001,084 | ---- | C] () -- C:\WINDOWS\DKAAP2DD.ini

[2005/08/01 09:38:28 | 000,000,873 | ---- | C] () -- C:\WINDOWS\LMAAJ2DD.ini

[2005/08/01 09:36:59 | 000,001,364 | ---- | C] () -- C:\WINDOWS\LMAAG2DD.ini

[2005/08/01 09:23:29 | 000,856,064 | ---- | C] () -- C:\WINDOWS\System32\RTFCONV.DLL

[2005/08/01 09:23:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\OTXRTVB5.DLL

[2005/08/01 08:42:51 | 000,020,736 | ---- | C] () -- C:\WINDOWS\unvid32.dll

[2005/08/01 08:42:51 | 000,020,736 | ---- | C] () -- C:\WINDOWS\shgrsdrv.dll

[2005/08/01 08:42:21 | 000,000,086 | ---- | C] () -- C:\WINDOWS\WPCMAPI.INI

[2005/08/01 08:04:17 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\GAMSWrap.dll

[2005/08/01 08:04:17 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\unclient.exe

[2005/07/29 15:52:09 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2005/07/29 15:03:38 | 000,087,540 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2005/07/29 14:34:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll

[2005/07/29 13:43:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2005/07/29 13:34:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2005/07/29 08:24:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2005/07/29 08:23:25 | 000,243,920 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2004/09/22 14:17:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2003/07/28 19:04:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\setupw2k.dll

[2003/07/16 11:48:28 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2003/07/16 11:48:27 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2003/07/16 11:35:07 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2003/07/16 11:35:06 | 000,463,184 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2003/07/16 11:35:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2003/07/16 11:35:03 | 000,078,964 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2003/07/16 11:33:18 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2003/07/16 11:28:25 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2003/07/16 11:28:14 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2003/07/16 11:21:49 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2003/07/16 11:20:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2001/10/04 15:40:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nwslog32.dll

[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

< End of report >

OTL Extras logfile created on: 5/6/2011 11:47:54 PM - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\AJ\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 31.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 18.59 Gb Total Space | 0.17 Gb Free Space | 0.91% Space Free | Partition Type: NTFS

Drive D: | 18.59 Gb Total Space | 0.96 Gb Free Space | 5.15% Space Free | Partition Type: NTFS

Computer Name: LAPPY | User Name: AJ | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP

"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"137:TCP" = 137:TCP:LocalSubNet:Enabled:Savin 4051

"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP

"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Documents and Settings\AJ\Local Settings\Temp\7zS3E87\OJProL7X00_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\AJ\Local Settings\Temp\7zS3E87\OJProL7X00_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)

"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe

"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe

"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe

"E:\setup\hpznui01.exe" = E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"E:\setup\HPZnet01.exe" = E:\setup\HPZnet01.exe:*:Enabled:hpznet01.exe

"E:\setup\hponicifs01.exe" = E:\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)

"C:\Program Files\Common Files\AOL\1151198675\EE\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1151198675\EE\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)

"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL

"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)

"C:\Program Files\Common Files\AOL\1151198675\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1151198675\EE\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)

"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)

"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)

"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL -- (Gteko Ltd.)

"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)

"C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Enabled:McAfee Data Backup

"C:\Documents and Settings\AJ\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\AJ\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)

"C:\Documents and Settings\AJ\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\AJ\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- ()

"C:\Documents and Settings\AJ\Local Settings\Temp\7zS3E87\OJProL7X00_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\AJ\Local Settings\Temp\7zS3E87\OJProL7X00_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)

"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe

"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)

"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe

"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe

"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)

"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe

"E:\setup\hpznui01.exe" = E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe

"C:\Program Files\AOL Desktop 9.6\waol.exe" = C:\Program Files\AOL Desktop 9.6\waol.exe:*:Enabled:AOL Desktop 9.6 -- (AOL Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR

"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier

"{05DC79C6-4213-45D3-BE8A-50B8B7C1F0E1}" = bpd_scan_Carrier

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{0773A806-0853-4B4D-8771-55BEF03E242B}" = Dell OpenManage Client Instrumentation

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant

"{094F0B52-515D-46DB-9D75-C191013961B1}" = Brother HL-5280DW

"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series" = Canon MX860 series MP Drivers

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery

"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant

"{1666FA7C-CB5F-11D6-A78C-00B0D079AF64}" = Java 2 Runtime Environment, SE v1.4.1_01

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes

"{3E833A3C-19CB-48EE-BD52-AE7896435AFF}" = Commercial Series Customer Programming Software

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}" = Bing Bar Platform

"{52503B4E-149A-4731-A6FF-495067EABFDC}" = TI_Inst

"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport

"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer

"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1

"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI

"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox

"{6F874748-FB25-439F-856B-25E97C7054E3}" = NetIdentity 1.2.2

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone

"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme

"{78D62D17-D970-42DA-B8CF-5E5576293B33}" = Final Draft 7

"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries

"{7B63B2922B174135AFC0E1377DD81EC2}" =

"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder

"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI

"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2

"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! Plus

"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B25F628-D16E-4AC2-9FD8-88B98F5B8E89}" = Altiris Application Metering Agent

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries

"{AC76BA86-1033-0000-BA7E-000000000003}" = Adobe Acrobat 8 Standard

"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B3B4CD34-6C20-4b28-A231-FEC55B42C579}" = c6100_Help

"{B5A4C902-1636-48DB-8E38-F0DB102DDB59}" = MPM

"{B639110D-747F-40DC-9682-95D94EF73790}" = dj_sf_software

"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2

"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter

"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A

"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C8574AE5-370F-4246-A301-B85A2CC89A5E}" = C6100

"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA

"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0

"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe

"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD

"{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}" = NICI (Shared) U.S./Worldwide (128 bit) (2.6.6-1)

"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC

"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0

"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA

"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm

"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA

"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard

"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer

"Adobe Acrobat 8 Standard" = Adobe Acrobat 8.2.6 Standard

"Adobe Acrobat 8 Standard_826" = Adobe Acrobat 8.2.6 - CPSID_83708

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)

"Akamai" = Akamai NetSession Interface

"All ATI Software" = ATI - Software Uninstall Utility

"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12

"AOL Deskbar" = AOL Deskbar

"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)

"AOL YGP Screensaver" = AOL You've Got Pictures Screensaver

"AolCoach2_en" = AOL Coach Version 2.0(Build:20041026.5 en)

"ATI Display Driver" = ATI Display Driver

"avast" = avast! Free Antivirus

"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card

"Canon MX860 series User Registration" = Canon MX860 series User Registration

"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility

"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool

"CanonMyPrinter" = Canon Utilities My Printer

"CanonSolutionMenu" = Canon Utilities Solution Menu

"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem

"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows

"Dell Printer Software Uninstall" = Dell Printer Software Uninstall

"Dell_HostCD" = Dell Printer Software Uninstall

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"DivX Setup.divx.com" = DivX Setup

"DVD Decrypter" = DVD Decrypter (Remove Only)

"HP Document Viewer" = HP Document Viewer 7.0

"HP Imaging Device Functions" = HP Imaging Device Functions 14.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0

"HPOCR" = OCR Software by I.R.I.S. 14.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"ImgBurn" = ImgBurn

"InstallShield_{52503B4E-149A-4731-A6FF-495067EABFDC}" = Texas Instruments PCIxx21/x515 drivers.

"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller

"Java Web Start" = Java Web Start

"JRE 1.3.1_02" = Java 2 Runtime Environment Standard Edition v1.3.1_02

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)

"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PictureProject In Touch Downloader" = PictureProject In Touch Downloader 1.0

"Port Magic" = Pure Networks Port Magic

"PQ_DVD_to_iPod_Video_Suite" = PQ DVD to iPod Video Suite (remove only)

"RealPlayer 12.0" = RealPlayer

"ViewpointMediaPlayer" = Viewpoint Media Player

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"WMS" = Windows NT Messaging

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2960389209-2186280164-2123856284-1022\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Move Media Player" = Move Media Player

"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 5/6/2011 11:25:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 11:25:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 11:27:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 11:27:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 11:29:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 11:29:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 11:31:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: 403 (HTTP Response Status)

Error - 5/6/2011 11:31:02 AM | Computer Name = LAPPY | Source = crypt32 | ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number

from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

with error: This network connection does not exist.

Error - 5/6/2011 2:50:37 PM | Computer Name = LAPPY | Source = Ci | ID = 4124

Description = Content index on c:\system volume information\catalog.wci is corrupt.

Please shutdown and restart the Indexing Service (cisvc).

Error - 5/6/2011 2:50:37 PM | Computer Name = LAPPY | Source = Ci | ID = 4126

Description = Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci.

Index will be automatically restored by refiltering all documents.

[ System Events ]

Error - 5/6/2011 1:39:27 PM | Computer Name = LAPPY | Source = SideBySide | ID = 16842811

Description = Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL.

Reference

error message: The operation completed successfully. .

Error - 5/6/2011 2:49:03 PM | Computer Name = LAPPY | Source = DCOM | ID = 10005

Description = DCOM got error "%1053" attempting to start the service iPod Service

with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error - 5/6/2011 2:49:03 PM | Computer Name = LAPPY | Source = Service Control Manager | ID = 7009

Description = Timeout (30000 milliseconds) waiting for the iPod Service service

to connect.

Error - 5/6/2011 2:49:03 PM | Computer Name = LAPPY | Source = Service Control Manager | ID = 7000

Description = The iPod Service service failed to start due to the following error:

%%1053

Error - 5/7/2011 12:27:04 AM | Computer Name = LAPPY | Source = Dhcp | ID = 1002

Description = The IP address lease 10.192.1.92 for the Network Card with network

address 0014A58E2645 has been denied by the DHCP server 0.0.0.0 (The DHCP Server

sent a DHCPNACK message).

Error - 5/7/2011 12:53:19 AM | Computer Name = LAPPY | Source = Disk | ID = 262151

Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 5/7/2011 12:53:26 AM | Computer Name = LAPPY | Source = Disk | ID = 262151

Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 5/7/2011 12:53:33 AM | Computer Name = LAPPY | Source = Disk | ID = 262151

Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 5/7/2011 12:53:39 AM | Computer Name = LAPPY | Source = Disk | ID = 262151

Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 5/7/2011 12:55:40 AM | Computer Name = LAPPY | Source = Disk | ID = 262151

Description = The device, \Device\Harddisk0\D, has a bad block.

< End of report >


Before doing anything else, you need to free up a few gigabytes of hard disk space (at least 5 GB if possible). You can do this by uninstalling unnecessary programs and moving personal data like pictures and music to external storage devices like USB/CD/DVD.

With the amount of free space you have, Windows cannot function normally.

When you finish that, let's run a disk check because I indeed see some evidence of bad blocks. Click Start > Run, type chkdsk /r and press Enter. Type Y and press Enter to schedule a disk check for the next reboot. Restart your computer and let the disk check run unhindered. Note, this may take a while.

When done, please let me know how things are running.


  • 4 weeks later...

My C drive is full, but I don't keep any files like pictures, music, or documents on it. Any way to free up some space without deleting essential programs? It's a very small drive (20 GB) and I don't know where to begin with making space as all the programs I have installed are used for work or are essential Windows components. Is there uninstall data that I don't need taking up any space?


Hi again,

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
