Thanks for your reply and your help! Here's the OTL.TXT
OTL logfile created on: 12/23/2009 4:20:52 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,015.00 Mb Total Physical Memory | 314.00 Mb Available Physical Memory | 31.00% Memory free
3.00 Gb Paging File | 1.00 Gb Available in Paging File | 15.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.44 Gb Total Space | 160.29 Gb Free Space | 71.42% Space Free | Partition Type: NTFS
Drive D: | 8.43 Gb Total Space | 0.36 Gb Free Space | 4.33% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-4DACD0EA75
Current User Name: HP_Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2009/12/23 16:19:48 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\OTL.exe
PRC - [2009/11/25 13:43:14 | 02,001,648 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2009/11/04 04:30:54 | 00,397,824 | ---- | M] (System SoftLab) -- C:\Program Files\Spyware Process Detector\spd320.exe
PRC - [2009/09/23 10:15:50 | 04,105,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Utilities 14\nu.exe
PRC - [2009/04/17 00:53:24 | 00,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009/04/17 00:53:24 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/04/17 00:53:23 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/10/30 13:16:42 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2008/05/27 09:50:30 | 00,413,696 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/04/03 17:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2006/03/06 16:17:09 | 00,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
PRC - [2005/12/19 01:26:54 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/11/11 20:11:12 | 00,237,568 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscGui.exe
PRC - [2005/11/11 20:11:04 | 01,064,960 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2005/11/11 20:10:00 | 00,061,440 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DISCUpdateMgr.exe
PRC - [2005/11/11 20:10:00 | 00,049,152 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe
PRC - [2005/11/03 14:26:30 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2005/11/03 14:22:36 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2005/11/01 09:01:00 | 00,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
PRC - [2005/10/11 12:33:20 | 02,807,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2005/09/21 09:24:02 | 00,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/08/02 23:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2005/05/12 06:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2005/05/03 17:43:28 | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
PRC - [2005/02/02 15:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe
PRC - [1998/05/07 08:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe
========== Modules (SafeList) ========== MOD - [2009/12/23 16:19:48 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\OTL.exe
MOD - [2009/03/21 16:23:48 | 00,121,344 | ---- | M] (System SoftLab) -- C:\Program Files\Spyware Process Detector\spd320.dll
MOD - [2006/03/06 16:17:08 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Temp\IadHide5.dll
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2009/08/21 23:21:19 | 00,117,640 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/04/17 00:53:23 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/04/05 20:33:10 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9c950c67f3784) Google Update Service (gupdate1c9c950c67f3784)
SRV - [2008/01/29 15:09:02 | 00,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/08/08 23:27:52 | 00,073,728 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE -- (Pml Driver HPZ12)
SRV - [2005/12/19 01:26:54 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/08/02 23:19:16 | 00,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/10/22 10:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ========== DRV - [2009/11/03 22:12:14 | 00,015,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Spyware Process Detector\spd320.sys -- (spd3ssl)
DRV - [2009/10/28 14:37:22 | 00,329,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/10/12 10:55:14 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/09/09 02:35:40 | 00,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/09/09 02:35:12 | 00,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\ccHPx86.sys -- (ccHP)
DRV - [2009/08/27 00:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/27 00:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/27 00:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/27 00:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/21 23:21:19 | 00,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1007020.00B\SYMEFA.SYS -- (SymEFA)
DRV - [2009/08/21 23:21:19 | 00,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/21 23:21:19 | 00,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/21 23:21:19 | 00,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/21 23:21:19 | 00,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/21 23:21:19 | 00,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1007020.00B\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/08/21 23:21:19 | 00,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/08/21 23:21:19 | 00,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/21 23:21:06 | 00,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/08/21 23:21:06 | 00,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/06/23 10:01:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/06/23 10:01:40 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/04/13 10:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 08:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/03/29 02:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/03/06 16:32:21 | 00,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/12/12 16:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/11/03 14:50:58 | 01,353,820 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2005/10/20 15:01:56 | 01,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/18 12:15:42 | 04,034,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/17 05:33:40 | 00,872,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/01/08 00:07:16 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/10/14 19:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/10/14 15:30:46 | 00,155,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [2004/09/28 19:24:38 | 00,051,712 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2004/08/09 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 13:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/01/09 20:28:18 | 00,011,648 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktopIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktopIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktopIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktopIE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.msn.comIE - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\S-1-5-21-1672847952-2794843195-471112363-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2006/03/06 15:59:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2009/10/19 13:26:46 | 00,000,000 | ---D | M]
O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DISCUpdateMgr.exe (Digital Interactive Systems Corporation, Inc.)
O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\kbd.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008..\Run: [cdloader] C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008..\Run: [NortonUtilities] C:\Program Files\Norton Utilities 14\nu.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008..\Run: [spdetector3] C:\Program Files\Spyware Process Detector\spd320.exe (System SoftLab)
O4 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1672847952-2794843195-471112363-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/07 21:18:32 | 00,000,124 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891947461378048)
========== Files/Folders - Created Within 30 Days ========== [2009/12/23 16:19:44 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\OTL.exe
[2009/12/09 18:05:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS
[2009/12/09 18:05:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0207000.034
[2009/12/08 20:17:02 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\RootRepeal.exe
[2009/12/08 13:11:24 | 01,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
[2009/12/08 13:11:24 | 00,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
[2009/12/08 13:11:24 | 00,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
[2009/12/03 12:53:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\Steve's Docs
[2009/12/03 12:35:04 | 00,000,000 | --SD | C] -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\My DVDs
[2009/12/01 15:09:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/12/01 14:27:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Uniblue
[2009/12/01 14:23:17 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Process Detector
[2009/04/07 19:24:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/04/05 20:33:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2006/03/06 15:10:53 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/03/06 15:10:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/03/06 15:10:52 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/03/06 15:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2005/09/24 07:49:16 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2009/12/23 16:19:48 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\OTL.exe
[2009/12/23 16:10:01 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/23 02:10:00 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/22 21:20:34 | 00,899,072 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2009/12/22 15:25:02 | 00,000,580 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for HP_Administrator.job
[2009/12/20 11:15:15 | 00,003,072 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Cache.db
[2009/12/20 11:11:36 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/12/20 11:04:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/20 11:04:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/20 11:03:47 | 10,646,85568 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/20 00:13:41 | 02,621,440 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\NTUSER.DAT
[2009/12/20 00:13:41 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\ntuser.ini
[2009/12/19 01:26:48 | 01,606,656 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2009/12/12 16:32:02 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\TO D.M.V.doc
[2009/12/12 16:14:00 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\GENERAL POWER OF ATTORNEY.doc
[2009/12/12 14:26:44 | 00,002,244 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\wklnhst.dat
[2009/12/09 18:06:03 | 00,001,183 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk
[2009/12/09 18:05:59 | 00,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NSS\0207000.034\isolate.ini
[2009/12/09 03:27:39 | 00,445,700 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/09 03:27:39 | 00,072,780 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/09 03:27:37 | 00,528,020 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/09 03:05:36 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/08 20:43:49 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\settings.dat
[2009/12/08 13:39:19 | 02,457,600 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\s-1-5-21-1672847952-2794843195-471112363-1008.rrr
[2009/12/08 13:12:23 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Utilities.lnk
[2009/12/08 11:20:33 | 00,000,729 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\Free Window Registry Repair.lnk
[2009/12/08 10:18:59 | 00,012,800 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\oxana 1.wps
[2009/12/03 20:21:11 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\MR GREORIO FONSECA.doc
[2009/12/01 14:23:18 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Process Detector v3.20.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2009/12/12 16:32:02 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\TO D.M.V.doc
[2009/12/09 18:06:03 | 00,001,183 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk
[2009/12/09 18:05:59 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0207000.034\isolate.ini
[2009/12/09 13:11:19 | 00,035,328 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\GENERAL POWER OF ATTORNEY.doc
[2009/12/08 20:43:00 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\settings.dat
[2009/12/08 20:22:17 | 00,003,072 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Cache.db
[2009/12/08 13:39:18 | 02,457,600 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\s-1-5-21-1672847952-2794843195-471112363-1008.rrr
[2009/12/08 13:12:23 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Utilities.lnk
[2009/12/08 11:20:33 | 00,000,729 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\Free Window Registry Repair.lnk
[2009/12/08 10:12:42 | 00,012,800 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\oxana 1.wps
[2009/12/03 20:21:11 | 00,020,480 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\My Documents\MR GREORIO FONSECA.doc
[2009/12/01 14:23:18 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Process Detector v3.20.lnk
[2009/10/08 18:49:11 | 00,000,168 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/07/08 01:08:49 | 00,016,384 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/07 21:18:31 | 00,000,055 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
[2009/05/25 20:07:30 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\windrv.sys
[2009/05/16 19:12:42 | 00,002,244 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\wklnhst.dat
[2009/04/28 18:28:26 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\EmbeddedDX.dll
[2009/04/18 00:37:38 | 00,317,822 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2009/04/18 00:37:26 | 00,002,226 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\HPSU_48BitScanUpdate.log
[2009/04/18 00:29:01 | 00,067,202 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2009/04/16 20:43:47 | 00,000,155 | ---- | C] () -- C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\fusioncache.dat
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/12/20 12:42:50 | 00,000,250 | ---- | C] () -- C:\WINDOWS\WINFAX.INI
[2007/12/13 17:33:34 | 00,000,470 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/12/26 19:09:57 | 00,014,653 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/11/27 23:49:05 | 00,565,311 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2006/11/27 23:49:05 | 00,000,345 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2006/11/25 18:51:09 | 00,000,492 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2006/09/01 18:59:03 | 00,000,058 | ---- | C] () -- C:\WINDOWS\mchguid.ini
[2006/09/01 18:57:31 | 00,010,875 | ---- | C] () -- C:\WINDOWS\ESOA.INI
[2006/09/01 18:57:31 | 00,003,679 | ---- | C] () -- C:\WINDOWS\GrAddrBk.ini
[2006/09/01 18:57:31 | 00,000,995 | ---- | C] () -- C:\WINDOWS\GRACE.INI
[2006/09/01 18:57:31 | 00,000,053 | ---- | C] () -- C:\WINDOWS\PRSRVDLL.INI
[2006/09/01 18:56:25 | 00,000,856 | ---- | C] () -- C:\WINDOWS\winpoint.ini
[2006/08/30 19:14:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Epsonpp.ini
[2006/08/30 18:05:11 | 00,000,958 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2006/08/28 16:45:31 | 00,063,730 | ---- | C] () -- C:\Program Files\viewsonicinstruct_xp.pdf
[2006/08/28 16:24:49 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/08/28 16:24:41 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/08/28 16:16:03 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/08/28 16:14:47 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/08/26 21:19:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/08/26 00:04:45 | 00,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/08/25 22:01:22 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/08/25 21:43:07 | 00,000,088 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2006/05/29 13:01:06 | 00,003,112 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2006/03/06 16:46:58 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/06 16:21:35 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/03/06 16:16:20 | 00,014,315 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/03/06 16:16:13 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/03/06 16:13:49 | 00,000,054 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2006/03/06 16:10:53 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/03/06 16:00:31 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/06 15:59:07 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/03/06 15:43:03 | 00,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/03/06 15:41:57 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/03/06 15:38:00 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/06 15:14:28 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/03/06 15:14:28 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/03/06 15:14:08 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/12/09 13:03:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 21:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 23:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2005/01/16 23:10:16 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2004/08/09 17:00:42 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2004/07/26 06:51:38 | 00,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 22:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2006/11/25 22:03:20 | 00,218,112 | ---- | M] (Soeperman Enterprises Ltd.) -- C:\HijackThis.exe
< MD5 for: AGP440.SYS >[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 05:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/09 20:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[2004/08/04 05:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/09 20:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: IASTOR.SYS >[2005/06/17 05:33:40 | 00,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\hp\drivers\Intel_5_1_0_1022_PV\iastor.sys
[2005/06/17 05:33:40 | 00,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\WINDOWS\system32\drivers\iaStor.sys
< MD5 for: NETLOGON.DLL >[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/09 20:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/09 20:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< > ========== Alternate Data Streams ========== @Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D287FACF
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44DAF2F1
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4295826C
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E2940E3
< End of report >
AND Here's the Extras.txt report:
OTL Extras logfile created on: 12/23/2009 4:20:52 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,015.00 Mb Total Physical Memory | 314.00 Mb Available Physical Memory | 31.00% Memory free
3.00 Gb Paging File | 1.00 Gb Available in Paging File | 15.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.44 Gb Total Space | 160.29 Gb Free Space | 71.42% Space Free | Partition Type: NTFS
Drive D: | 8.43 Gb Total Space | 0.36 Gb Free Space | 4.33% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-4DACD0EA75
Current User Name: HP_Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- (Digital Interactive Systems Corporation)
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 13
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}" = muvee autoProducer unPlugged 1.2
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{3E386744-10FA-44b2-98C9-DF7A270DECB3}" = HP PSC & OfficeJet 5.3.A
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 1.0
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54A90A9E-E537-11DE-811A-005056806466}" = Google Earth Plug-in
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{567C23E1-7580-4185-B8C2-30805677297C}" = NewCopy_CDA
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{85BC5C08-E73D-11D2-964D-444553540000}" = Point
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90260409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{ABB2901A-3D0A-4F21-8324-2F13C3EFE163}" = LightScribe 1.4.62.1
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B276997E-4367-4b1b-A39C-4CAE7464337A}" = AiO_Scan_CDA
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B60E7826-F117-4d26-8165-D2DC5A494AB0}" = Fax_CDA
"{B64E3AFC-59EF-4f18-BF11-E751462450D3}" = AiOSoftwareNPI
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C83A12B9-B31B-461A-BBD4-CE9B988094F1}" = HP Photosmart Cameras 5.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D518592A-0F1E-40ca-BECB-3D3F026C6B0D}" = CameraDrivers
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E073D315-3C54-44BF-A1B2-B5583AEA618C}" = muvee autoProducer 4.5
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"038D56DF-B15D-47F7-959F-59FA1FBB63FC" = Snowboard SuperJam from HP Media Center (remove only)
"0814ADC6-5B36-4144-A8EA-439C36B1BB11" = Puzzle Express from HP Media Center (remove only)
"0AA27562-3C4E-4860-8742-7ADEBE2EFC43" = Ricochet Lost Worlds from HP Media Center (remove only)
"0C20CAB1-F8BC-4AC1-A796-535B005C1B83" = Super Granny from HP Media Center (remove only)
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"3320769C-062B-4670-BD6B-AA4B3D0E9903" = FATE from HP Media Center (remove only)
"538B9061-0C77-4FB2-903F-EC42A1FF5DD8" = Mah Jong Quest from HP Media Center (remove only)
"5DAA9E44-1B31-41CD-88A8-228EDED6E36E" = Bounce Symphony from HP Media Center (remove only)
"758619C0-7C97-42BB-B1E9-775F72FDAD1E" = Blackhawk Striker 2 from HP Media Center (remove only)
"7-Zip" = 7-Zip 4.65
"901E0096-B2AC-469E-A99E-2725A39C0B47" = Zuma Deluxe from HP Media Center (remove only)
"9844050E-4CA4-4901-A53D-A5D14C63789B" = Lexibox Deluxe from HP Media Center (remove only)
"A09026AE-8F16-4929-B4E6-1825535844DB" = Insaniquarium Deluxe from HP Media Center (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"AwayMode160" = Microsoft Away Mode
"B2AA88B1-4920-462B-9F7C-019782B3C4DB" = Shooting Stars Pool from HP Media Center (remove only)
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"B3FF79F4-CDA8-4845-A7C0-9CE017719F36" = Tradewinds from HP Media Center (remove only)
"Canon iP4500 series User Registration" = Canon iP4500 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DISCover" = DISCover
"E0998E52-9D08-4AEE-A4F5-0BB1D8537F6E" = Slingo Deluxe from HP Media Center (remove only)
"E59F75D0-A38B-40F4-ABA2-CA35A7735473" = Bookworm Deluxe from HP Media Center (remove only)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"F38688AF-57C2-4A9C-BFEF-25F3AEC11F1E" = Lemonade Tycoon 2 from HP Media Center (remove only)
"Free Window Registry Repair" = Free Window Registry Repair
"HijackThis" = HijackThis 2.0.2
"HP Document Viewer" = HP Document Viewer 5.3
"HP Game Console" = HP Game Console and games
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Photosmart for Media Center PC" = HP Photosmart for Media Center PC
"HP Rhapsody" = HP Rhapsody
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"IntelliMover Data Transfer Demo" = Remove IntelliMover Demo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Netscape Browser" = Netscape Browser (remove only)
"NIS" = Norton Internet Security
"Norton Utilities_is1" = Norton Utilities
"NSS" = Norton Security Scan
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"PROSet" = Intel® PRO Network Connections Drivers
"PS2" = PS2
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"Spyware Process Detector_is1" = Spyware Process Detector v3.20
"Ulead iPhoto Plus 4.0" = Ulead iPhoto Plus 4.0
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 8/26/2009 3:14:23 AM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
Error - 8/26/2009 3:14:24 AM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
Error - 8/26/2009 3:14:24 AM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
Error - 8/26/2009 3:14:25 AM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
Error - 8/26/2009 3:14:27 AM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
Error - 8/26/2009 4:05:05 AM | Computer Name = YOUR-4DACD0EA75 | Source = Google Update | ID = 20
Description =
Error - 8/26/2009 3:05:05 PM | Computer Name = YOUR-4DACD0EA75 | Source = Google Update | ID = 20
Description =
Error - 8/26/2009 4:05:05 PM | Computer Name = YOUR-4DACD0EA75 | Source = Google Update | ID = 20
Description =
Error - 8/26/2009 9:18:54 PM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
Error - 8/26/2009 9:18:54 PM | Computer Name = YOUR-4DACD0EA75 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
[ System Events ]
Error - 12/2/2009 1:03:06 AM | Computer Name = YOUR-4DACD0EA75 | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.
Error - 12/3/2009 10:50:53 PM | Computer Name = YOUR-4DACD0EA75 | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 12/8/2009 4:53:34 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2
Error - 12/9/2009 12:20:32 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2
Error - 12/9/2009 7:23:47 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2
Error - 12/10/2009 7:14:17 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2
Error - 12/20/2009 4:15:46 AM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2
Error - 12/20/2009 3:07:03 PM | Computer Name = YOUR-4DACD0EA75 | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.
Error - 12/20/2009 3:08:50 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Norton Internet Security
service to connect.
Error - 12/20/2009 3:08:50 PM | Computer Name = YOUR-4DACD0EA75 | Source = Service Control Manager | ID = 7000
Description = The Norton Internet Security service failed to start due to the following
error: %%1053
< End of report >