OTL logfile created on: 2/3/2010 1:35:16 PM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\btaylor\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 85.54 Gb Total Space | 26.69 Gb Free Space | 31.20% Space Free | Partition Type: NTFS
Drive D: | 7.61 Gb Total Space | 0.68 Gb Free Space | 8.92% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADE-MOBILE1-HP
Current User Name: btaylor
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/02/03 13:31:06 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\btaylor\Desktop\OTL.exe
PRC - [2010/02/02 19:41:17 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\32788R22FWJFW\cmd.cfxxe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009/12/17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/10/31 22:05:23 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\btaylor\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/17 01:41:10 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009/10/17 01:39:40 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/10/14 08:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2009/10/14 08:30:12 | 001,217,904 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
PRC - [2009/10/14 08:30:06 | 000,730,480 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2009/09/10 11:15:42 | 000,870,672 | ---- | M] (SonicWALL, Inc.) -- C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\mantispm.exe
PRC - [2009/07/01 22:05:58 | 001,713,152 | ---- | M] (Software Security System) -- C:\Program Files\Refinate\Refinate3\Ekag20nt.exe
PRC - [2009/06/22 06:49:23 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqtgsvc.exe
PRC - [2009/06/22 06:49:04 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqsvc.exe
PRC - [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/10/10 04:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/02 15:46:14 | 000,446,464 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2007/02/16 17:57:24 | 001,945,960 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007/02/16 17:49:58 | 000,149,024 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007/02/16 17:49:50 | 000,411,168 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/02/16 17:45:30 | 001,169,776 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007/01/12 13:36:40 | 000,827,392 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/11/11 21:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2006/10/18 19:05:26 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2006/06/08 13:02:06 | 000,131,072 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2006/06/07 17:12:26 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP ProtectTools Security Manager\PTServs.exe
PRC - [2006/05/04 13:05:00 | 000,055,808 | R--- | M] (Cognizance Corporation) -- C:\Program Files\HPQ\IAM\Bin\asghost.exe
PRC - [2006/05/02 14:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2006/03/30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/03/02 17:39:42 | 000,131,072 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2006/02/15 17:43:16 | 000,892,928 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
PRC - [2006/02/14 12:49:22 | 000,454,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2006/01/29 20:00:04 | 000,088,203 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2006/01/20 13:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/01/17 00:01:46 | 000,053,248 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\accelerometerST.exe
PRC - [2006/01/10 07:23:54 | 000,458,752 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\IFXSPMGT.exe
PRC - [2006/01/10 07:23:16 | 000,136,736 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
PRC - [2005/12/23 14:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2005/12/20 17:51:40 | 001,187,840 | ---- | M] () -- C:\WINDOWS\SMINST\Recguard.exe
PRC - [2005/09/02 06:59:02 | 000,647,168 | ---- | M] (Infineon Technologies AG) -- C:\WINDOWS\system32\IFXTCS.exe
PRC - [2005/08/19 09:47:52 | 000,173,600 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
PRC - [2005/08/19 09:22:10 | 000,397,312 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\ProtectTools\Embedded Security Software\SpTNA.exe
PRC - [2005/06/10 09:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/05/20 03:11:06 | 000,925,696 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004/08/04 03:00:00 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2004/08/04 03:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\chcp.com
PRC - [2003/05/31 20:02:32 | 007,544,916 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
========== Modules (SafeList) ========== MOD - [2010/02/03 13:31:06 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\btaylor\Desktop\OTL.exe
MOD - [2009/10/14 08:30:36 | 000,628,080 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2009/10/14 08:30:06 | 000,546,160 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.dll
MOD - [2009/09/10 11:15:48 | 000,013,072 | ---- | M] () -- C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\MlfHook.dll
MOD - [2008/07/25 10:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/07/25 10:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/06/15 01:41:00 | 000,086,016 | R--- | M] (Cognizance Corporation) -- C:\Program Files\HPQ\IAM\Bin\ItClient.dll
MOD - [2004/08/04 03:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
========== Win32 Services (SafeList) ========== SRV - [2009/12/17 17:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/12/17 16:36:24 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/10/17 01:41:10 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/10/14 08:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009/08/27 13:48:34 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/06/22 06:49:23 | 000,117,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\mqtgsvc.exe -- (MSMQTriggers)
SRV - [2009/06/22 06:49:04 | 000,004,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\mqsvc.exe -- (MSMQ)
SRV - [2008/10/10 04:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/03/02 15:46:14 | 000,446,464 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2007/02/16 17:49:50 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/01/04 18:48:52 | 000,112,152 | ---- | M] (InterVideo) [On_Demand | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/20 22:05:04 | 000,139,264 | ---- | M] () [On_Demand | Stopped] -- c:\ADEdevlp\altera\Quartus_61\quartus\bin\jtagserver.exe -- (JTAGServer)
SRV - [2006/11/11 21:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006/10/09 10:32:26 | 000,570,368 | ---- | M] (Ziff Davis Media, Inc) [On_Demand | Stopped] -- C:\Program Files\PC Magazine Utilities\HD HeartBeat 2\HBSrvApp.exe -- (HBService)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/09/09 01:15:00 | 000,063,488 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll -- (ASBroker)
SRV - [2006/05/02 14:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2006/03/30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/03/07 04:36:00 | 000,132,096 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\HPQ\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2006/01/20 13:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/01/12 14:22:38 | 000,294,912 | ---- | M] (SoftThinks) [Auto | Stopped] -- C:\WINDOWS\SMINST\PCAngel.exe -- (PCA)
SRV - [2006/01/10 07:23:54 | 000,458,752 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\WINDOWS\system32\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2005/09/02 06:59:02 | 000,647,168 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\WINDOWS\system32\IFXTCS.exe -- (IFXTCS)
SRV - [2005/08/19 09:47:52 | 000,173,600 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE -- (PersonalSecureDriveService)
SRV - [2004/10/22 05:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 14:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/05/31 20:02:32 | 007,544,916 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -- (MSSQL$MICROSOFTBCM)
SRV - [2003/04/01 21:08:30 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\IcdSptSv.exe -- (ICDSPTSV)
SRV - [2002/12/17 14:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTBCM)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q={searchTerm...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010/01/22 14:01:59 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/03/18 15:18:02 | 000,000,814 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.1.101 HP0015604CA995
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Credential Manager for ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll (Infineon Technologies AG)
O2 - BHO: (no name) - {E02E86EB-220B-4B59-A251-F849405E1D64} - No CLSID value found.
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\HPQ\IAM\Bin\AsTsVcc.dll (Cognizance Corporation)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [DirectFolders] C:\Program Files\Direct Folders\df.exe (Code Sector Inc.)
O4 - HKLM..\Run: [EKAN0200B03FD1305A4B] C:\Program Files\Refinate\Refinate3\EKAG20NT.EXE (Software Security System)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OpScheduler] C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe File not found
O4 - HKLM..\Run: [PDF4 Registry Controller] C:\Program Files\ScanSoft\PDF Professional 4.0\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\btaylor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [PCMagInstaback2] C:\Program Files\PC Magazine Utilities\InstaBack 2\InstaBack.exe (Ziff Davis Media, Inc)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\btaylor\Start Menu\Programs\Startup\ButtonBoogie.lnk = C:\Program Files\PC Magazine Utilities\ButtonBoogie\ButtonBoogie.exe (Ziff Davis Media, Inc.)
O4 - Startup: C:\Documents and Settings\btaylor\Start Menu\Programs\Startup\CPU_DskRdWr.lnk = C:\WINDOWS\system32\perfmon_processor1_2_diskRdWr.msc ()
O4 - Startup: C:\Documents and Settings\btaylor\Start Menu\Programs\Startup\DeskPins.lnk = C:\Program Files\DeskPins\DeskPins.exe (Elias Fotinis)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: turbotax.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A}
http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
https://a248.e.akamai.net/f/248/14778/2h/dl...vex-2.2.3.5.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.microsoft.com/windowsupd...b?1185496221460 (WUWebControl Class)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D}
http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab (HpProductDetection Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microsoftu...b?1186516506781 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1}
http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.2.1.cab (DownloadManager Control)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\IfxWlxEN: DllName - IfxWlxEN.dll - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll (Cognizance Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\HP Cityscape Wide_auto_switch.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\HP Cityscape Wide_auto_switch.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/23 12:21:43 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 04:07:00 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0153018a-60aa-11dc-ab8c-0014a5ff3a2f}\Shell - "" = AutoRun
O33 - MountPoints2\{0153018a-60aa-11dc-ab8c-0014a5ff3a2f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0153018a-60aa-11dc-ab8c-0014a5ff3a2f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{83c2ca88-9e18-11dc-abcc-0014a5ff3a2f}\Shell - "" = AutoRun
O33 - MountPoints2\{83c2ca88-9e18-11dc-abcc-0014a5ff3a2f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9a29fe6e-cb4e-11dd-93d4-0014a5ff3a2f}\Shell - "" = AutoRun
O33 - MountPoints2\{9a29fe6e-cb4e-11dd-93d4-0014a5ff3a2f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9a29fe6e-cb4e-11dd-93d4-0014a5ff3a2f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ab55f7ba-6279-11dc-a1c2-0014a5ff3a2f}\Shell - "" = AutoRun
O33 - MountPoints2\{ab55f7ba-6279-11dc-a1c2-0014a5ff3a2f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk /p \??\I:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/07/26 20:22:36 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (72905356157648896)
========== Files/Folders - Created Within 14 Days ========== [2010/02/03 13:31:04 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\btaylor\Desktop\OTL.exe
[2010/02/02 19:41:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/02/02 19:41:07 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/28 13:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/01/28 13:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\btaylor\Application Data\SUPERAntiSpyware.com
[2010/01/28 13:33:40 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/01/28 13:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/01/24 19:55:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/24 19:55:01 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/24 19:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/24 19:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/01/24 17:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\PC Magazine Password Profiler
[2010/01/22 14:16:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\btaylor\Application Data\#ISW.FS#
[2010/01/22 14:09:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\btaylor\Application Data\MailFrontier
[2010/01/22 14:01:48 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\kl1.sys
[2010/01/22 14:01:41 | 000,317,072 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/01/22 14:01:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010/01/22 14:01:13 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010/01/22 14:00:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010/01/21 19:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/01/21 14:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/20 13:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\btaylor\My Documents\ZoneAlarmInternet Logs
[2007/10/21 10:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2007/07/26 20:23:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2007/07/26 20:23:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/07/26 20:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\btaylor\My Documents\*.tmp files -> C:\Documents and Settings\btaylor\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2010/02/03 13:31:06 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\btaylor\Desktop\OTL.exe
[2010/02/03 13:10:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1252682364-4217468778-4039539407-1006UA.job
[2010/02/03 12:11:31 | 000,000,144 | ---- | M] () -- C:\WINDOWS\System32\pdfl.dat
[2010/02/03 12:02:32 | 000,152,696 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\ComboFix_folder_content2.jpg
[2010/02/03 11:58:26 | 000,027,370 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\ComboFix_Properties.jpg
[2010/02/03 11:51:47 | 000,085,990 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\ComboFix_folder_content.jpg
[2010/02/02 23:10:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1252682364-4217468778-4039539407-1006Core.job
[2010/02/02 18:34:28 | 003,844,017 | ---- | M] () -- C:\Documents and Settings\btaylor\Desktop\schrauber.exe
[2010/02/02 18:11:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/02 18:09:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/02 18:09:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/02 18:08:04 | 012,058,624 | ---- | M] () -- C:\Documents and Settings\btaylor\ntuser.dat
[2010/02/02 18:07:44 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/02/02 18:07:35 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\btaylor\ntuser.ini
[2010/02/02 18:06:22 | 000,058,353 | ---- | M] () -- C:\WINDOWS\System32\perfmon_processor1_2_diskRdWr.msc
[2010/02/01 15:14:28 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\btaylor\Desktop\huc750bq.exe
[2010/01/30 16:20:13 | 000,504,320 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\java_script_cache_deleted_for_fakeantivirus.xls
[2010/01/30 09:47:28 | 000,000,632 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/30 09:47:28 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/30 09:47:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/01/29 09:57:30 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\BillPayScratchPad_all_dates_bak.xls
[2010/01/29 09:57:30 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\BillPayScratchPad_all_dates.xls
[2010/01/28 13:33:49 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/27 15:21:46 | 000,730,271 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\cookies.pae
[2010/01/26 20:11:00 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\btaylor\Desktop\Google Chrome.lnk
[2010/01/26 10:41:50 | 000,003,344 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\Malware_FakeAntiVirus_redirect_02.jpg
[2010/01/25 11:18:37 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/01/25 08:17:16 | 000,003,374 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\Malware_FakeAntiVirus_redirect.jpg
[2010/01/23 11:20:49 | 000,007,224 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\Malware_FakeAntiVirus.jpg
[2010/01/22 14:03:02 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/01/22 14:02:29 | 000,423,563 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/01/22 14:01:57 | 000,000,080 | ---- | M] () -- C:\WINDOWS\System32\ibfl.dat
[2010/01/21 19:34:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/21 17:37:04 | 000,104,817 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\IE8_AdvancedTab_Restore.jpg
[2010/01/21 17:34:43 | 000,104,916 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\IE8_AdvancedTab_after_install.jpg
[2010/01/20 19:50:04 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/20 17:21:20 | 087,216,344 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\PriorToZoneAlarmReg.reg
[2010/01/20 17:19:34 | 000,004,361 | ---- | M] () -- C:\Documents and Settings\btaylor\My Documents\KLIF_REG.JPG
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\btaylor\My Documents\*.tmp files -> C:\Documents and Settings\btaylor\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/02/03 12:02:32 | 000,152,696 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\ComboFix_folder_content2.jpg
[2010/02/03 11:58:26 | 000,027,370 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\ComboFix_Properties.jpg
[2010/02/03 11:50:04 | 000,085,990 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\ComboFix_folder_content.jpg
[2010/02/02 18:34:22 | 003,844,017 | ---- | C] () -- C:\Documents and Settings\btaylor\Desktop\schrauber.exe
[2010/02/01 16:44:50 | 006,912,054 | ---- | C] () -- C:\WINDOWS\HP Cityscape Wide_auto_switch.bmp
[2010/02/01 15:14:25 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\btaylor\Desktop\huc750bq.exe
[2010/01/30 16:20:13 | 000,504,320 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\java_script_cache_deleted_for_fakeantivirus.xls
[2010/01/29 10:59:32 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\BillPayScratchPad_all_dates_bak.xls
[2010/01/28 13:33:49 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/27 15:21:46 | 000,730,271 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\cookies.pae
[2010/01/26 10:41:49 | 000,003,344 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\Malware_FakeAntiVirus_redirect_02.jpg
[2010/01/25 11:18:37 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/01/25 08:17:16 | 000,003,374 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\Malware_FakeAntiVirus_redirect.jpg
[2010/01/23 11:20:49 | 000,007,224 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\Malware_FakeAntiVirus.jpg
[2010/01/22 14:01:57 | 000,000,144 | ---- | C] () -- C:\WINDOWS\System32\pdfl.dat
[2010/01/22 14:01:57 | 000,000,080 | ---- | C] () -- C:\WINDOWS\System32\ibfl.dat
[2010/01/22 14:01:14 | 000,423,563 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/01/22 11:15:35 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/01/21 17:37:04 | 000,104,817 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\IE8_AdvancedTab_Restore.jpg
[2010/01/21 17:34:43 | 000,104,916 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\IE8_AdvancedTab_after_install.jpg
[2010/01/20 17:21:10 | 087,216,344 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\PriorToZoneAlarmReg.reg
[2010/01/20 17:19:33 | 000,004,361 | ---- | C] () -- C:\Documents and Settings\btaylor\My Documents\KLIF_REG.JPG
[2009/10/13 12:40:58 | 000,959,488 | ---- | C] () -- C:\WINDOWS\System32\Hdlg20.dll
[2009/08/30 11:15:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IROTVIEW.INI
[2009/01/24 17:22:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SPYXX.INI
[2008/09/24 17:48:05 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2008/07/08 12:50:03 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2008/04/05 14:41:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVEdit.INI
[2008/04/05 11:26:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\trc.dll
[2008/04/05 11:26:32 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dsp_trc.dll
[2008/04/05 11:26:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\IcdSptSvps.dll
[2007/12/26 15:51:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/08/29 21:04:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/08/29 14:09:43 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2007/08/17 14:47:29 | 000,953,344 | ---- | C] () -- C:\WINDOWS\System32\pg32.dll
[2007/08/17 14:47:29 | 000,193,024 | ---- | C] () -- C:\WINDOWS\System32\co2c40en.dll
[2007/08/17 14:47:29 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2007/08/16 16:02:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SPLASH.INI
[2007/08/15 17:31:06 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/11 22:25:12 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\btaylor\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/09 16:10:55 | 000,000,213 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/08/07 12:44:40 | 000,001,004 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL_deleteThis.sys
[2007/08/01 16:33:56 | 000,000,399 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/07/27 09:00:44 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2007/07/27 09:00:43 | 000,003,399 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2007/07/27 08:58:11 | 000,001,114 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2007/07/27 08:29:03 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/07/26 18:52:22 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\btaylor\Local Settings\Application Data\fusioncache.dat
[2007/07/26 18:52:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\btaylor\Local Settings\Application Data\QSwitch.txt
[2007/07/26 18:52:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\btaylor\Local Settings\Application Data\DSwitch.txt
[2007/07/26 18:52:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\btaylor\Local Settings\Application Data\AtStart.txt
[2007/07/26 17:55:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/07/26 17:55:28 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/07/26 17:55:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/07/26 17:55:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/07/26 17:55:28 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/07/26 17:55:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/17 11:34:40 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2006/11/13 13:11:50 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\Xkc3220.dll
[2006/11/11 21:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/04/25 02:19:47 | 000,000,271 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/04/25 02:12:52 | 000,000,636 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/25 02:09:02 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/12/01 14:11:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/08/07 08:19:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 08:12:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/06/01 04:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/08 00:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll
========== LOP Check ========== [2007/08/23 09:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2007/07/27 17:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware
[2007/07/26 20:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Infineon
[2007/07/27 16:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions
[2009/09/19 16:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky SDK
[2009/09/19 15:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2007/08/17 15:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\mgc
[2007/07/31 11:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2007/08/01 16:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/07/27 17:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2010/02/03 13:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\#ISW.FS#
[2008/06/09 08:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Acronis
[2009/06/16 14:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Canon
[2009/12/28 19:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\CheckPoint
[2007/08/14 16:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Credential Manager
[2007/08/29 03:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Direct Folders
[2009/09/12 21:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Foxit
[2010/01/06 16:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Foxit Software
[2010/01/19 16:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\GrabPro
[2007/07/26 20:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Infineon
[2007/08/29 19:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\InterVideo
[2007/08/16 11:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Leadertech
[2010/01/22 15:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\MailFrontier
[2009/03/22 10:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\PC Magazine Utilities
[2007/07/27 17:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\PCMagazine
[2006/04/25 02:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\SampleView
[2007/08/01 16:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\ScanSoft
[2009/07/29 12:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Sciensoft
[2007/08/10 17:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Visio
[2008/04/03 14:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Xilinx
[2007/07/27 18:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\btaylor\Application Data\Zeon
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\i386\sp2.cab:AGP440.sys
< MD5 for: ATAPI.SYS >[2004/08/04 08:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\i386\sp2.cab:atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\symbols\atapi.sys\41107B4D17480\atapi.sys
[2004/08/03 19:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >[2004/08/04 03:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: IASTOR.SYS >[2005/10/12 13:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\SMINST\RPFiles\MiniNT\System32\Drivers\iastor.sys
[2005/10/12 07:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys
< MD5 for: NETLOGON.DLL >[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtUninstallKB975467$\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 03:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/04 03:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\WgaTray.exe:SummaryInformation
< End of report >
OTL Extras logfile created on: 2/3/2010 1:35:16 PM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\btaylor\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 85.54 Gb Total Space | 26.69 Gb Free Space | 31.20% Space Free | Partition Type: NTFS
Drive D: | 7.61 Gb Total Space | 0.68 Gb Free Space | 8.92% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADE-MOBILE1-HP
Current User Name: btaylor
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Open in WMatch] -- C:\Program Files\PC Magazine Utilities\WMatch\WMatch.exe "%L" (Ziff Davis Media, Inc)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"E:\Setup\HPZnet01.exe" = E:\Setup\HPZnet01.exe:*:Enabled:Install Consumer Experience Network Plug in -- File not found
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:HP Digital Imaging Monitor -- (Hewlett-Packard Co.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw -- ()
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:HP CUE-Scanning Flow Component -- (Hewlett-Packard)
"C:\Program Files\Hp\HP Software Update\HPWUCli.exe" = C:\Program Files\Hp\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client -- (Hewlett-Packard)
"C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe" = C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner -- File not found
"C:\Program Files\TurboTax\Home & Business 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Home & Business 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Home & Business 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Home & Business 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:HP AiO Fax Manager -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\PC Magazine Utilities\HD HeartBeat 2\HDHBClient.exe" = C:\Program Files\PC Magazine Utilities\HD HeartBeat 2\HDHBClient.exe:*:Disabled:HD HeartBeat 2 -- (Ziff Davis Media, Inc)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008F546D-ECB9-586B-4FD1-AF675672299F}" = CCC Help Finnish
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06CE9412-6714-44AE-A035-F4E9930009E1}" = Advanced Network Diagramming Help
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{077007F3-49B9-9533-823D-9C1E67A00411}" = ccc-utility
"{0827AE32-6D43-4625-8E70-17750C4EC52B}" = ModelSim-Altera 6.1g
"{08E35087-5448-641C-BC06-74C72099D18F}" = Catalyst Control Center Graphics Light
"{0993A7DC-5616-4DBA-A538-E6BFE0C94C1D}" = Directory Services Help
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0B5E0886-BC91-4E83-BB29-A664ED8F0285}" = Project Schedules Help
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{136498DE-6FBD-4F6F-B065-8E24118D351E}" = Internet Diagrams Help
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{14C59047-997A-3ED9-6280-A35967F2ACD8}" = CCC Help Czech
"{15ECF660-1BA6-1E0C-C9A7-C3D236D2487E}" = CCC Help German
"{1643CDBE-6202-E134-63BE-46F1B8B4DEEE}" = CCC Help Spanish
"{16C586A1-4ACB-11D3-8662-00C04F8DBAD9}" = Release Notes
"{171352B5-5B17-3088-D672-74ADB0AF2918}" = Catalyst Control Center Localization Dutch
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{172ED890-6982-4CCF-BD23-6949E553B860}" = Save as HTML
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AEB4CD-4436-86D7-114F-5EE36CF5F67C}" = Catalyst Control Center Localization Thai
"{19B29943-2A85-11D3-8F74-00C04F8DD7E3}" = Solutions
"{19EB1250-0ED3-C57C-5B81-9B7CE49C5FBD}" = Catalyst Control Center Localization Hungarian
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1BF9C245-5202-6452-C9DD-0542D31D149D}" = Catalyst Control Center Graphics Full Existing
"{1D66C1EB-9FC0-4363-A4B9-E44DDCBACD00}" = Organization Charts
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{214ED689-3F31-4ABC-A79D-870A73ECB086}" = TurboTax 2008 wctiper
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2298055A-F5E6-4332-9A15-C5D99870E72F}" = HP Embedded Security for ProtectTools
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241957BD-4436-42B1-ADCF-AE18144358D7}" = Office Layout
"{24A9B1E0-35A7-619B-F2E6-E3B39571EDC3}" = Catalyst Control Center Core Implementation
"{268FC299-C0BD-4230-9D00-FD7BBB71A2C7}" = Organization Charts Help
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 18
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2996D45D-854E-CCBD-ACD6-FCD4FD2C9A2A}" = CCC Help Swedish
"{2D329298-7BDD-476B-8F68-AE3F66EB6F8F}" = Flowcharts
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2E9797C7-2840-4A14-F624-0EC99E9EC350}" = CCC Help Hungarian
"{2F05866B-CD80-9214-B4E7-6FB2E85AABD1}" = CCC Help Japanese
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{31AE315A-E06C-9FF5-11A5-C25A2ABDB786}" = CCC Help Thai
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{33268598-6AF4-C4FD-5A9F-2D1D4BFE0F2D}" = Catalyst Control Center Localization Japanese
"{3379BB86-49C2-11D3-80AC-00C04F6B854D}" = Network Diagrams Help
"{3388E964-4C4F-11D3-9F66-006008A88EC8}" = Microsoft Visio 2000 (IE)
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 D2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{380E3211-4549-42B3-8EE8-2B0561530061}" = Custom Properties Editor
"{390927CA-7D1F-44EB-95FF-FBB4B20822B4}" = Borders and Backgrounds Help
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3A52FF30-BC14-63AA-0783-EDA7832C281E}" = Catalyst Control Center Localization Portuguese
"{3A71AF7E-705C-40D3-9024-B63C00AB1772}" = Program Files Help
"{3F611FF4-B469-358E-F356-6F35235F81F5}" = Catalyst Control Center Localization Korean
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager Installer
"{40B0A7CC-1676-43E9-8444-2EF2377E87B8}" = ScanSoft PDF Professional 4
"{413CEBC4-ABA1-4AC4-ADFB-69FA195F09AB}" = 7300_Help
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis True Image Home
"{426C7CC1-5AC3-4758-A40C-6446F2CEA8C9}" = ccc-Branding
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1
"{43B6667D-7520-4186-B05B-F5C0494C495D}" = UltraEdit-32
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{46D2CC82-BEAE-4E47-A153-008E60E67BA2}" = Release Notes Professional
"{47DA5AC5-E271-B722-B806-B97799B57B37}" = Catalyst Control Center Localization Greek
"{4805E0FB-97DF-4C0E-A2D4-10BE5D305B08}" = Quartus II 6.1
"{483BC5C9-2F5C-C9DA-BC2E-5A7972BD5E49}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F31302F-A77C-4759-9803-E02696185089}" = Program Files Professional
"{51196320-99A0-4737-AE71-5BAF9489A855}" = Database Wizard
"{51315C2D-3BDB-3BDD-9B9C-7E3E46374752}" = ccc-core-static
"{55B39A89-795A-4E9F-AB38-15AB66125914}" = Borders and Backgrounds
"{55C98239-914A-46C1-B19D-83E90F7E00CC}" = Fingerprint Sensor Minimum Install
"{560976C5-925A-4AA2-B28D-0493FE886F5F}" = ScanSoft OmniPage 15.0
"{5BF9AE5B-D635-4BB6-9229-F863B28F9107}" = Graphics Filters
"{5C741A01-05D6-4306-BA6A-DC8401285AE8}" = Debugging Tools for Windows
"{5D38CE84-E726-4014-8725-218639872ADC}" = ElecKey 2.0 Enterprise
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{60071A8D-0CB0-0F43-EBE9-B3B04E130991}" = CCC Help Danish
"{60692A39-4C61-11D3-A339-006097B6ECD2}" = Program Files
"{60692A40-4C61-11D3-A339-006097B6ECD2}" = Visio
"{60C8D1EA-CB39-44FF-BECA-9B1457898C9B}" = Office Layout Help
"{62E98CB2-2B1E-4E7D-8C3B-F6E7A3CB14E0}" = Network Diagrams
"{6360CF27-CBDB-3C8A-A99E-E159308DCF94}" = CCC Help Korean
"{63702CB3-38D5-11D4-9A93-00C04F281EE2}" = FlukeView Forms
"{639B050E-9ADC-44C4-B7FE-BA7DB59D4E4B}" = Forms and Charts
"{63A0A66B-3A50-4D3E-9B88-6459D699C700}" = Internet Diagrams
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{66563AD8-637B-407F-BCA7-0233A16891AB}" = Business Contact Manager for Outlook 2003
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{69FC7B0F-E59D-418B-A007-13F02DBB002E}" = Advanced Network Diagramming
"{6A4EABDC-B3AA-421D-AB8B-5678293C9235}" = Callouts and Connectors Help
"{6B766FD2-7EFE-2E09-D9FC-9E79CB8DFA7C}" = CCC Help Dutch
"{6C57DDE5-623F-4C0C-6652-E9574B26BFE7}" = Catalyst Control Center Localization German
"{6D48CC96-AC7C-449F-BD06-7C52A791848B}" = 7400
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6EE4EC98-1AC2-C1BA-FCC5-F8ECB757CCC3}" = CCC Help Turkish
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{75ECB75A-522C-4312-8DE7-597CDA9D96A3}" = HP Mobile Data Protection System
"{76002427-A479-EE39-6526-F3FE408C01BE}" = Catalyst Control Center Localization Turkish
"{7A6C7307-2E67-15D8-21ED-40751ED5838A}" = Catalyst Control Center Localization Chinese Traditional
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7F9A4ECA-F3FB-0634-050B-66B7CA6ACF8F}" = CCC Help Russian
"{804611CE-D86D-4EF0-257D-D54F82B16667}" = CCC Help Chinese Standard
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85BEF57D-4FD6-B701-A694-1440B96D4394}" = Catalyst Control Center Graphics Full New
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{865B8C2D-F1CC-4359-807F-EB277BE8A9C2}" = CCC Help Norwegian
"{865E2636-CFB9-4D7F-BF50-98161A1478B7}" = Cadence Allegro Free Physical Viewer 15.7
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87E4170B-8D1D-CECD-B523-ACE08A5B35D9}" = CCC Help Chinese Traditional
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8C1D906C-D2DA-4E26-B0CF-EB79EEB1F946}" = Software Design Help
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 D3
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9679F65E-E921-5316-69AB-6CF122B867F0}" = Skins
"{9AA3FA54-3CF1-45E9-8786-9E896B161379}" = HP Credential Manager for ProtectTools
"{9D25D3FD-A1DE-4CA0-BE6F-B5F65545DDB6}" = Directory Services
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9EC41026-8399-47E4-9FE9-CFCCCB71F8C3}" = Property Reporting Wizard
"{9EF5B77F-703E-4953-9DA9-186E28A62568}" = 7300Trb
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4121C0A-438D-426D-986F-4E14BBBAB2A3}" = MGC Visual Studio 7 Runtime
"{A4DF8034-28B1-4967-9216-2B2BB435A7C1}" = Program Files Professional Help
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A7016C76-6B65-428F-A2E8-F8A8007BECAF}" = Database Design
"{A79BF79B-E611-53FC-855B-32D418B3BE7F}" = CCC Help Italian
"{A7A6ACF2-AEAB-70D8-C44B-DAC7AFA27EDE}" = Catalyst Control Center Localization Finnish
"{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}" = HP Notebook Accessories Product Tour
"{A8323532-49A2-4055-B424-EEB547E3D02E}" = Project Schedules
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AA0DD516-7ABA-3D8D-63FE-1C9F140D4D16}" = Catalyst Control Center Localization Spanish
"{AA12D4B2-1EAE-4DCA-9C5D-C0674A426758}" = MegaCore IP Library 6.1
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = TIPCI
"{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 2.00 C3
"{B06E51F3-D04E-4898-9700-2E48788D5274}" = Clip Art and Symbols
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B5924CA6-24A7-48F5-BC9C-8BFA94ED4564}" = LightScribe 1.4.67.1
"{B5A344FB-EC76-B196-B40A-DD410DDD6A4C}" = CCC Help Greek
"{B6826FA8-04C8-4147-AA3C-5B900AB887A1}" = PowerArchiver 2007
"{B80DA153-D56F-4D80-AC29-CEBC8BB263B9}" = Callouts and Connectors
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{B9EF1B56-2E87-11D3-80A5-00C04F6B854D}" = Maps
"{BA04FFF0-F3A5-4D48-BD32-003D7E901178}" = Page Layout Wizard
"{BA275E90-6B63-EDD5-6A5C-A0E690585115}" = Catalyst Control Center Localization Norwegian
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBC8E5CE-EBA6-AA71-03EF-A8E847EBC856}" = Catalyst Control Center Localization French
"{BBE93891-6608-11d3-9F6A-006008A88EC8}" = Help for Visio 2000 (HTML Help)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0C26E52-D52C-41ED-8F1C-D3D0DC941955}" = Software Design
"{C5E69312-4354-11D3-B0BC-00C04FC2B1B9}" = CAD Drawing Display
"{C8A6BD64-0FB7-4AE5-82DF-09B5C6161486}" = Database Design Help
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0EBA25A-78EC-B855-22AA-243D26524400}" = Catalyst Control Center Localization Russian
"{D177CEC6-ABF4-6C8E-0D8E-0C04530D0128}" = Catalyst Control Center Localization Polish
"{D2D89191-1BB5-42BF-863D-991347B36641}" = Block Diagrams
"{D537C817-BF8E-4746-9E1E-E2A67DAECE4E}" = Add-ons
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Anniversary Edition
"{D982E7B4-4C62-11D3-A339-006097B6ECD2}" = Visio Core Files
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DE86D3FE-E40A-430E-7C9D-E896DBB6A5BC}" = Catalyst Control Center Localization Swedish
"{DFB8D937-5CC3-4555-9150-90E57459AF00}" = Block Diagrams Help
"{DFE81EB6-0287-4DFF-AE7D-14E664586905}" = Clip Art and Symbols Help
"{E019C464-063D-CCBD-5B1B-BB1DF0847266}" = CCC Help Polish
"{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}" = Application Installer 4.00.B5
"{E2057EE6-A559-40E3-AF8B-437866E0EDA9}" = Flowcharts Help
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E44BD710-B71A-11d3-9F79-006008A88EC8}" = VBA
"{E5764097-B506-D2A9-52F4-0D7B8D092F2A}" = Catalyst Control Center Localization Danish
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E7DE3D60-3FB8-11D3-8F79-00C04F8DD7E3}" = Developing Visio Solutions Help
"{E7E8B506-BF0F-64C7-401D-14C49719C214}" = CCC Help French
"{E8814A8F-3B06-11D3-8CD7-00C04F72C04D}" = Microsoft Visual Studio Service Pack 3
"{EE6824C7-84BC-0059-895F-9605010DB453}" = Catalyst Control Center Localization Czech
"{EF949584-D843-4F7F-A4B4-070CC9E48B45}" = UltraCompare Professional
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F28D0D4C-D522-43B1-9700-C896A76C6130}" = Maps Help
"{F500FE1A-5B52-4851-9813-7541E157ACC4}" = HP User Guides 0020
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F6302A1E-FE95-ADA7-92D6-FCB8A78343CF}" = Catalyst Control Center Localization Italian
"{F8AC5466-790B-12AA-B3F4-D25A54BCA758}" = CCC Help English
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FC588207-9B40-4800-92AD-EB4D48FB7726}" = Forms and Charts Help
"{FFFBD37E-2309-A927-59A7-7F5F007C0C23}" = CCC Help Portuguese
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AI RoboForm" = AI RoboForm (All Users)
"ATI Display Driver" = ATI Display Driver
"Cadence PSD 14.2 Node-locked" = Cadence PSD 14.2 Node-locked
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"CSCLIB" = Canon Camera Support Core Library
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DeskPins" = DeskPins (remove only)
"DirectFoldersAppID_is1" = Direct Folders
"EOS Utility" = Canon Utilities EOS Utility
"Excel VBA Code Cleaner 5.0" = Excel VBA Code Cleaner 5.0
"Foxit Reader" = Foxit Reader
"HP Photo & Imaging" = HP Image Zone 4.7
"HTPE3" = HyperTerminal Private Edition v6.3
"HyperSnap-DX 4" = HyperSnap-DX 4
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Inno Setup 5_is1" = Inno Setup version 5.2.3
"InstallShield_{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IrfanView" = IrfanView (remove only)
"Macro Express 3" = Macro Express 3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MentorGraphicsJI" = Mentor Graphics Products
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Developer Network - Visual Studio 6.0a" = MSDN Library - Visual Studio 6.0a
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Magazine ButtonBoogie 2_is1" = PC Magazine ButtonBoogie 2.1
"PC Magazine File Utility Pack_is1" = PC Magazine File Utility Pack
"PC Magazine File Warden" = PC Magazine File Warden
"PC Magazine HD HeartBeat 2_is1" = PC Magazine HD HeartBeat 2.0
"PC Magazine InstaBack_is1" = PC Magazine InstaBack 2.0
"PC Magazine Startup Cop Pro" = PC Magazine Startup Cop Pro
"PC Magazine's WinTidy_is1" = WinTidy 1.0.11
"PC Tune-Up" = PC Tune-Up
"PCMagazine WMatch_is1" = PCMagazine WMatch Version 3.0
"Performance Monitor v1.0" = Performance Monitor v1.0
"PhotoStitch" = Canon Utilities PhotoStitch
"Rainbow Sentinel Driver" = Sentinel System Driver
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Refinate_is1" = Refinate version 2.0
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SolarWinds TFTP Server" = SolarWinds TFTP Server
"Sony Digital Voice Editor 3" = Sony Digital Voice Editor 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TurboTax 2008" = TurboTax 2008
"TurboTax Home & Business 2007" = TurboTax Home & Business 2007
"Tweak UI 2.10" = Tweak UI
"Visual Studio 6.0 Professional Edition" = Microsoft Visual Studio 6.0 Professional Edition
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilinx ISE 10.1" = Xilinx ISE 10.1
"Xilinx ISE 8.1i" = Xilinx ISE 8.1i
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoneAlarm Extreme Security" = ZoneAlarm Extreme Security
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2/1/2010 9:40:22 AM | Computer Name = ADE-MOBILE1-HP | Source = HBSrvApp.exe | ID = 1
Description =
Error - 2/1/2010 5:25:07 PM | Computer Name = ADE-MOBILE1-HP | Source = Application Hang | ID = 1002
Description = Hanging application huc750bq.exe, version 1.0.15.15281, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 2/3/2010 1:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 2:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 3:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 4:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 5:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 6:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 7:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
Error - 2/3/2010 8:10:05 AM | Computer Name = ADE-MOBILE1-HP | Source = Google Update | ID = 20
Description =
[ Credential Manager Events ]
Error - 12/28/2007 4:30:22 PM | Computer Name = ADE-MOBILE1-HP | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
btaylor@. Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client Address:
127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12/28/2007 4:30:22 PM | Computer Name = ADE-MOBILE1-HP | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: btaylor@. Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 2/14/2008 10:21:28 AM | Computer Name = ADE-MOBILE1-HP | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
btaylor@. Client GUID: {F01A31F7-51E5-4754-A9E9-47628503D6E2} Error: 0xC5161001 Client
Host: localhost Client Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol:
HTTP
Error - 2/14/2008 10:21:28 AM | Computer Name = ADE-MOBILE1-HP | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: btaylor@. Credentials:
Fingerprints Error: (0xC5161001) The fingerprints provided do not match.
Error - 2/14/2008 10:21:30 AM | Computer Name = ADE-MOBILE1-HP | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
btaylor@. Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client Address:
127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
[ System Events ]
Error - 2/1/2010 6:18:55 PM | Computer Name = ADE-MOBILE1-HP | Source = Service Control Manager | ID = 7001
Description = The Message Queuing service depends on the Distributed Transaction
Coordinator service which failed to start because of the following error: %%1068
Error - 2/1/2010 6:18:55 PM | Computer Name = ADE-MOBILE1-HP | Source = Service Control Manager | ID = 7001
Description = The Message Queuing Triggers service depends on the Message Queuing
service which failed to start because of the following error: %%1068
Error - 2/1/2010 6:18:55 PM | Computer Name = ADE-MOBILE1-HP | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31
Error - 2/1/2010 6:18:55 PM | Computer Name = ADE-MOBILE1-HP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD Fips intelppm IPSec kl1 KLIF MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip vsdatant
Error - 2/2/2010 3:00:27 AM | Computer Name = ADE-MOBILE1-HP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 2/2/2010 3:05:41 AM | Computer Name = ADE-MOBILE1-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/2/2010 3:05:41 AM | Computer Name = ADE-MOBILE1-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/2/2010 3:05:41 AM | Computer Name = ADE-MOBILE1-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\D.
Error - 2/2/2010 3:10:01 AM | Computer Name = ADE-MOBILE1-HP | Source = Service Control Manager | ID = 7000
Description = The DS1410D service failed to start due to the following error: %%2
Error - 2/2/2010 7:10:35 PM | Computer Name = ADE-MOBILE1-HP | Source = Service Control Manager | ID = 7000
Description = The DS1410D service failed to start due to the following error: %%2
< End of report >