-
Near constant hard drive activity
First of all, Thank you to everybody who makes this kind of forum possible.
Not sure where to begin. On my laptop, toshiba satellite a105-s1712, when I boot up, the hard drive light will run almost constantlyand slow over all. I've checked for memory volume issues, but it doesn't seem to be running on virtual memory. I have 1.5GB of RAM, and don't peak over a gig most of the time. I have tried to run "Wise Registry Cleaner". I didn't see anything that needed to be fixed. I have run search and destroy in the past, as well as antivirus software from McAffe and AVG. I did get a hijackthis log if it's wanted.
It's late so I'm going to bed. Thank you.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Robert at 22:12:42 on 2011-10-26
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.379 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
svchost.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\FarStone\GameDrive\GDTask.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe
C:\PROGRA~1\METAMA~1\METAMA~1\METAMA~2.EXE
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\cidaemon.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.mg205.mail.yahoo.com/dc/launch
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = actsvr.comcastonline.com:8100
uInternet Settings,ProxyOverride = cdn
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [GameDrive] c:\program files\farstone\gamedrive\gdtask.exe /AutoRestore
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [TFncKy] TFncKy.exe
mRun: [TPSMain] TPSMain.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"
mRun: [GameDrive] "c:\program files\farstone\gamedrive\GDTask.exe" /AutoRestore
mRun: [Auto EPSON Stylus CX5400 on MAIN] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2g1.exe /p32 "auto epson stylus cx5400 on main" /o12 "\\main\EPSON" /M "Stylus CX5400"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\metama~1.lnk - c:\program files\metamail inc\metamail tray\Metamail Trust Manager.exe
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: 164.109.25.72
Trusted Zone: 207.130.86.35
Trusted Zone: acura.com
Trusted Zone: acurainfo.programhq.com
Trusted Zone: acuraspinplay.programhq.com
Trusted Zone: ahm-ownerlink.com
Trusted Zone: ahmdealer.com
Trusted Zone: download.com\www
Trusted Zone: ebay.com\www
Trusted Zone: honda.com
Trusted Zone: honda.vo.llnwd.net
Trusted Zone: hondaadcmd.com
Trusted Zone: hondacars.com
Trusted Zone: hondainfo.programhq.com
Trusted Zone: hondamap.com
Trusted Zone: hondapqr.com
Trusted Zone: hondaprofessional.com
Trusted Zone: hondaspinplay.programhq.com
Trusted Zone: hondasso.com
Trusted Zone: pcsc.acurasrs.com
Trusted Zone: toshibadirect.com\www
Trusted Zone: yahoo.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {297DE2B6-509A-4B36-93C5-A65276606900} - hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://www.nick.com/common/groove/gx/GrooveAX27.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A9217A62-15DD-4935-A0F4-F7304D867F42} : DhcpNameServer = 192.168.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 gdxwdm;GDXWDM;c:\windows\system32\drivers\gdxwdm.sys [2003-5-24 59937]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-8-21 214664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-4-18 238952]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-4-18 36608]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe --> c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe --> c:\progra~1\mcafee\viruss~1\mcsysmon.exe [?]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-8-21 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-8-21 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-21 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-21 40552]
.
=============== Created Last 30 ================
.
2011-10-27 01:22:18 388096 ----a-r- c:\documents and settings\robert\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-10-27 01:22:16 -------- d-----w- c:\program files\Trend Micro
2011-10-27 00:48:58 -------- d-----w- c:\documents and settings\robert\local settings\application data\PCHealth
.
==================== Find3M ====================
.
2011-10-21 13:09:28 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 09:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 06:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-04-18 13:29:29 115331072 ----a-w- c:\program files\Samsung New PC Studio.msi
.
============= FINISH: 22:14:48.78 ===============
Last edited by tashi; 2011-10-27 at 05:05.
Reason: Moved from Spybot-S&D support
-
-
I'll do it either tonight or tomorrow. Lots of stuff going on right now. I promise I'll get it done and report back ASAP.
Thank You,
Robert
-
Hello Robert,
aswMBR checks for Rootkits which are hidden malware programs , so let do that first to make sure its not rootkit related.
You have both AVG and McAfee running on your system, more than one is overkill and can cause problems like this, you should only have one AV, keep it updated and run regular scans. Your call but you need to uninstall one via Add Remove Programs in the Control Panel.
Also a word of warning about registry cleaners, there not recommended as removing the wrong entry or entries can make your system unbootable.
Lets see what aswMBR comes up with and we can go from there
-
OK, I ran the program last night. Should I reboot? I'll at least hibernate. Also, I thought I Uninstalled McAffe. I did that before I installed AVG. I double checked (included the add remove programs) I don't see anything related to McAffe.
Thank You
Robert
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-31 23:45:29
-----------------------------
23:45:29.984 OS Version: Windows 5.1.2600 Service Pack 3
23:45:29.984 Number of processors: 1 586 0xD08
23:45:29.984 ComputerName: MOBILE UserName:
23:45:32.265 Initialize success
23:49:05.625 AVAST engine defs: 11110100
23:51:51.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:51:51.968 Disk 0 Vendor: HTS541080G9SA00 MB4OC60D Size: 76319MB BusType: 3
23:51:54.000 Disk 0 MBR read successfully
23:51:54.000 Disk 0 MBR scan
23:51:54.078 Disk 0 Windows 7 default MBR code
23:51:54.078 Disk 0 scanning sectors +156301110
23:51:54.203 Disk 0 scanning C:\WINDOWS\system32\drivers
23:52:16.500 Service scanning
23:52:17.468 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
23:52:18.046 Modules scanning
23:52:37.359 Disk 0 trace - called modules:
23:52:37.390 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys spwa.sys hal.dll >>UNKNOWN [0x8a10c938]<<
23:52:37.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a0a0ab8]
23:52:37.718 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a03eb00]
23:52:38.453 AVAST engine scan C:\WINDOWS
23:53:06.750 AVAST engine scan C:\WINDOWS\system32
23:55:54.671 AVAST engine scan C:\WINDOWS\system32\drivers
23:56:16.000 AVAST engine scan C:\Documents and Settings\Virginia1
00:30:05.531 AVAST engine scan C:\Documents and Settings\All Users
00:46:45.687 Scan finished successfully
02:06:52.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Virginia1\Desktop\MBR.dat"
02:06:52.500 The log file has been saved successfully to "C:\Documents and Settings\Virginia1\Desktop\aswMBR.txt"
Last edited by ken545; 2011-11-01 at 17:31.
Reason: Pasted aswMBR
-
Hi Robert,
aswMBR looks fine. Just copy and paste the logs we ask for into the thread in lew of attaching them, its easier for us to analyze.
As far as McAfee, I dont see it fully installed, just bits and pieces, try running this uninstaller if it can find it, the free version is fine
http://www.revouninstaller.com/revo_..._download.html
Please download Malwarebytes from Here or Here
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected .
- When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
- Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
OTL by OldTimer
- Download OTL to your desktop.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output.
- Click the "Scan All Users" checkbox.
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically. - Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
-
I wonder if the file Malwarebytes found is a real piece of malwarel or not.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8066
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/2/2011 8:23:54 AM
mbam-log-2011-11-02 (08-23-54).txt
Scan type: Quick scan
Objects scanned: 305620
Time elapsed: 1 hour(s), 0 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\DelUS.bat (Malware.Trace) -> Quarantined and deleted successfully.
-
Well, if Malwarebytes removed it it must be bad .
Waiting for the OTL log
-
OTL logfile created on: 11/2/2011 8:51:30 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Virginia1\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.25 Gb Total Physical Memory | 0.46 Gb Available Physical Memory | 36.96% Memory free
2.35 Gb Paging File | 1.71 Gb Available in Paging File | 72.74% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.52 Gb Total Space | 16.71 Gb Free Space | 25.12% Space Free | Partition Type: NTFS
Drive D: | 7.68 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 7.76 Gb Total Space | 0.47 Gb Free Space | 6.07% Space Free | Partition Type: NTFS
Computer Name: MOBILE | User Name: Virginia1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Virginia1\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
PRC - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Metamail Inc\Metamail Reader\Metamail Secure Server.exe (Metamail Corp.)
PRC - C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe (Metamail Corp.)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
PRC - C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Sonic Solutions)
PRC - C:\WINDOWS\system32\acs.exe ()
PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\TOSHIBA\IVP\ISM\pinger.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
PRC - C:\Program Files\FarStone\GameDrive\gdtask.exe (FarStone Technology Inc.)
PRC - C:\WINDOWS\system32\TaskSwitch.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
MOD - C:\Program Files\HP\Digital Imaging\Smart Web Printing\NeoLoggingLib.dll ()
MOD - C:\Program Files\Free Download Manager\iefdm2.dll ()
MOD - C:\WINDOWS\system32\TCtrlIO.dll ()
MOD - C:\WINDOWS\system32\acs.exe ()
MOD - C:\Program Files\Common Files\Roxio Shared\DLLShared\apm.dll ()
MOD - C:\WINDOWS\system32\FsLodLib.dll ()
MOD - C:\WINDOWS\system32\TaskSwitch.exe ()
========== Win32 Services (SafeList) ==========
SRV - (McSysmon) -- File not found
SRV - (McShield) -- File not found
SRV - (iPod Service) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (ACDaemon) -- File not found
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (TAPPSRV) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
SRV - (Swupdtmr) -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe ()
SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (DVD-RAM_Service) -- C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
========== Driver Services (SafeList) ==========
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (PalmUSBD) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (BVRPMPR5) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys (DT Soft Ltd.)
DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (TVALD) -- C:\WINDOWS\system32\drivers\NBSMI.sys (Toshiba Corporation)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (tbiosdrv) -- C:\WINDOWS\system32\drivers\tbiosdrv.sys ()
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (cdudf_xp) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys (Sonic Solutions)
DRV - (dvd_2K) -- C:\WINDOWS\System32\drivers\dvd_2k.sys (Sonic Solutions)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys (Windows (R) 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\System32\drivers\Udfreadr.sys (Sonic Solutions)
DRV - (mmc_2K) -- C:\WINDOWS\System32\drivers\mmc_2k.sys (Sonic Solutions)
DRV - (pwd_2k) -- C:\WINDOWS\System32\drivers\Pwd_2k.sys (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (meiudf) -- C:\WINDOWS\system32\drivers\meiudf.sys (Matsushita Electric Industrial Co.,Ltd.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (KR10N) -- C:\WINDOWS\system32\drivers\KR10N.sys (TOSHIBA CORPORATION)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (gdxwdm) -- C:\WINDOWS\system32\drivers\gdxwdm.sys (FarStone Inc.)
DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = cdn
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = actsvr.comcastonline.com:8100
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = cdn
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = actsvr.comcastonline.com:8100
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
IE - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~1\Palm\PACKAG~1\NPInstal.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/02/26 23:56:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/10/21 09:43:15 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2011/02/26 08:47:04 | 000,431,774 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14864 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Auto EPSON Stylus CX5400 on MAIN] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE /P32 "Auto EPSON Stylus CX5400 on MAIN" /O12 "\\MAIN\EPSON" /M "Stylus CX5400" File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [GameDrive] C:\Program Files\FarStone\GameDrive\GDTask.exe (FarStone Technology Inc.)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe ()
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-1365152189-766300769-3890912586-1009..\Run: [GameDrive] C:\Program Files\FarStone\GameDrive\gdtask.exe (FarStone Technology Inc.)
O4 - HKU\S-1-5-21-1365152189-766300769-3890912586-1009..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1365152189-766300769-3890912586-1009..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB0.0; .NET CLR 1.1.4322; FDM; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.nickjr.com/kids-games/little-bears-jigsaw-puzzle.html" File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Metamail Trust Manager.lnk = C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe (Metamail Corp.)
O4 - Startup: C:\Documents and Settings\Kids\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk = File not found
O4 - Startup: C:\Documents and Settings\Virginia1\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = File not found
O4 - Startup: C:\Documents and Settings\Virginia1\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 8256
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-1365152189-766300769-3890912586-1009\..Trusted Domains: honda.com ([www.in] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} http://www.in.honda.com/rraaapps/rra...X/RraainAX.CAB (RRAAINAX_02.RRAAINAX)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/...osticsxp2k.cab (DDRevision Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/pla.../installer.exe (Reg Error: Key error.)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pattcw.att.motive.com/wizlet...tInstaller.cab (WebBrowserType Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9217A62-15DD-4935-A0F4-F7304D867F42}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Virginia1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Virginia1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/04 22:30:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/07/15 09:56:14 | 000,000,073 | R--- | M] () - D:\AUTORUN.INF -- [ UDF ]
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2331c990-def9-11db-adb5-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{2331c990-def9-11db-adb5-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2331c990-def9-11db-adb5-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/02 08:50:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Virginia1\Desktop\OTL.exe
[2011/11/02 00:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Virginia1\Application Data\Malwarebytes
[2011/11/02 00:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/02 00:52:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/02 00:52:36 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/02 00:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/02 00:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Virginia1\Start Menu\Programs\Revo Uninstaller
[2011/11/02 00:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/10/26 22:11:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/10/26 22:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/10/26 22:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/10/26 21:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/21 09:13:33 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/10/21 09:13:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/10/21 09:13:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2005/11/04 22:59:49 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/02 08:50:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Virginia1\Desktop\OTL.exe
[2011/11/02 08:45:06 | 136,766,677 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/02 08:40:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/02 08:40:16 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/02 08:38:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/02 08:27:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/02 08:27:33 | 1340,329,984 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/02 00:47:17 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\Virginia1\Desktop\Revo Uninstaller.lnk
[2011/11/01 09:30:58 | 000,096,079 | ---- | M] () -- C:\Documents and Settings\Virginia1\Desktop\ARP.JPG
[2011/11/01 02:06:52 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Virginia1\Desktop\MBR.dat
[2011/10/31 03:01:42 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/27 20:17:24 | 000,016,542 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/10/24 10:27:27 | 000,247,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/23 19:37:20 | 000,443,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/23 19:37:20 | 000,072,556 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/21 09:46:31 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/21 09:09:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/02 00:47:17 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\Virginia1\Desktop\Revo Uninstaller.lnk
[2011/11/01 09:30:58 | 000,096,079 | ---- | C] () -- C:\Documents and Settings\Virginia1\Desktop\ARP.JPG
[2011/11/01 02:06:52 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Virginia1\Desktop\MBR.dat
[2011/03/18 23:08:37 | 000,077,375 | ---- | C] () -- C:\WINDOWS\hpqins05.dat.temp
[2010/05/03 21:09:11 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/18 09:37:52 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/04/18 09:37:52 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/04/18 09:31:37 | 000,069,632 | ---- | C] () -- C:\Program Files\2057.MST
[2010/04/18 09:31:37 | 000,013,822 | ---- | C] () -- C:\Program Files\0x0809.ini
[2010/04/18 09:31:32 | 115,331,072 | ---- | C] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/03/13 21:59:23 | 000,077,375 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2010/01/03 11:41:29 | 000,118,907 | ---- | C] () -- C:\WINDOWS\hpoins31.dat.temp
[2010/01/03 11:41:29 | 000,000,945 | ---- | C] () -- C:\WINDOWS\hpomdl31.dat.temp
[2009/12/12 19:13:59 | 000,023,156 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2009/08/30 04:10:16 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/21 16:58:40 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\AitVirtualComInstall.exe
[2009/07/20 20:10:48 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\InstallVCOM.exe
[2008/12/02 22:36:51 | 000,146,758 | ---- | C] () -- C:\WINDOWS\hpoins31.dat
[2008/12/02 22:36:51 | 000,000,945 | ---- | C] () -- C:\WINDOWS\hpomdl31.dat
[2008/10/05 22:20:10 | 000,000,273 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2008/08/27 11:57:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\LoadLib.INI
[2008/07/14 17:36:51 | 000,000,157 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/06/22 17:16:05 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/05/10 19:36:19 | 000,000,377 | ---- | C] () -- C:\WINDOWS\ereg077.dat
[2008/05/10 19:17:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2008/05/04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2008/04/06 17:50:02 | 000,011,079 | -H-- | C] () -- C:\Program Files\folder.htt
[2008/03/14 13:28:47 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2008/02/26 20:06:34 | 000,106,496 | ---- | C] () -- C:\Documents and Settings\Virginia1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/26 19:21:35 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Virginia1\Local Settings\Application Data\fusioncache.dat
[2007/12/29 17:25:41 | 000,000,098 | ---- | C] () -- C:\WINDOWS\DMI.ini
[2007/10/28 15:40:42 | 000,066,936 | -HS- | C] () -- C:\WINDOWS\dlinfo_0.drv
[2007/10/28 14:11:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\diabunin.exe
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/05/23 23:02:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\FSDataSvr.sys
[2007/05/23 22:49:31 | 000,005,501 | ---- | C] () -- C:\WINDOWS\System32\dptlcg32.dll
[2007/03/26 18:46:41 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/28 21:15:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI
[2006/12/24 03:12:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2006/12/24 00:29:10 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/25 00:55:09 | 000,000,762 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/11/16 13:06:14 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[2006/11/15 22:34:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2006/11/13 21:17:08 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\ControlWZCS.exe
[2006/11/13 21:17:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2006/11/13 21:17:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2006/11/13 21:16:47 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\PlugPlayPCIDevice.exe
[2006/11/13 21:16:47 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\MFCFirstRemove.exe
[2006/11/13 17:55:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/30 19:16:05 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/11/30 19:16:05 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/11/30 19:16:05 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/11/30 19:16:05 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/11/29 18:52:15 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/11/29 18:22:11 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2005/11/29 18:22:11 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2005/11/29 18:22:08 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/11/29 18:22:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/11/29 18:16:48 | 000,004,528 | R--- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE
[2005/11/11 18:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/07 13:00:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/07 12:27:47 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/11/05 00:09:15 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/11/05 00:07:42 | 000,000,262 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/11/05 00:05:40 | 000,000,172 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/11/05 00:03:51 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/11/05 00:03:51 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/11/05 00:03:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/11/05 00:03:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/11/05 00:03:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/11/05 00:03:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/11/04 23:31:32 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2005/11/04 23:27:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/11/04 22:59:49 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/11/04 22:31:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/11/04 22:28:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/11/04 22:26:52 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/11/04 20:56:25 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/04 20:53:47 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2005/11/04 20:53:47 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2005/11/04 20:53:47 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2005/11/04 20:53:47 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2005/11/04 20:53:47 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2005/11/04 20:53:16 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/11/04 20:53:10 | 000,443,456 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/11/04 20:53:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/11/04 20:53:10 | 000,072,556 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/11/04 20:53:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/11/04 20:53:08 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/11/04 20:53:06 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/11/04 20:53:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/11/04 20:52:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/11/04 20:52:54 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/11/04 20:52:40 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/11/04 20:52:29 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/11/04 14:23:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/11/04 14:22:17 | 000,247,104 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/24 19:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/06/10 19:59:16 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2003/05/27 06:33:30 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExtend.dll
[2003/05/21 03:25:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExtend.dll
[2003/04/15 11:27:34 | 000,006,362 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCdx.sys
[2003/04/11 12:49:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\DxpApp.exe
[2003/04/11 11:53:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fsmesbox.dll
[2003/04/11 11:53:30 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\FsLodLib.dll
[2003/02/14 09:56:14 | 000,016,384 | ---- | C] () -- C:\WINDOWS\FSRunCmd.exe
[2002/03/19 21:30:00 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll
[2002/03/19 21:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe
[1997/06/13 20:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
========== LOP Check ==========
[2011/06/24 20:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/06/24 20:47:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/11/20 19:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2008/07/05 00:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2009/05/03 22:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/06/24 19:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kingsoft
[2011/06/24 20:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/01/21 22:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/20 15:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2005/11/05 00:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/02/26 22:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{E53F90E0-D7CA-4310-8844-F6E688407890}
[2005/11/04 23:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
[2011/06/25 09:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kids\Application Data\AVG10
[2007/06/05 09:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kids\Application Data\FarStone
[2009/06/06 21:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kids\Application Data\HotSync
[2006/11/26 22:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kids\Application Data\InterVideo
[2005/11/04 23:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kids\Application Data\toshiba
[2011/06/24 20:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Kingsoft
[2011/07/21 11:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Makayla\Application Data\AVG10
[2008/04/16 22:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Makayla\Application Data\FarStone
[2009/05/05 12:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Makayla\Application Data\HotSync
[2008/04/21 22:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Makayla\Application Data\InterVideo
[2008/07/13 21:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Makayla\Application Data\School Zone Preferences
[2005/11/04 23:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Makayla\Application Data\toshiba
[2007/05/23 23:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia\Application Data\FarStone
[2007/01/06 21:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia\Application Data\InterVideo
[2006/11/15 15:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia\Application Data\toshiba
[2011/06/26 22:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia1\Application Data\AVG10
[2008/02/26 19:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia1\Application Data\FarStone
[2009/05/04 21:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia1\Application Data\HotSync
[2008/02/26 19:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia1\Application Data\InterVideo
[2011/05/26 18:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia1\Application Data\OpenOffice.org
[2008/02/26 19:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia1\Application Data\toshiba
[2011/09/12 18:52:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:773DA865
< End of report >
-
OTL Extras logfile created on: 11/2/2011 8:51:30 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Virginia1\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.25 Gb Total Physical Memory | 0.46 Gb Available Physical Memory | 36.96% Memory free
2.35 Gb Paging File | 1.71 Gb Available in Paging File | 72.74% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 66.52 Gb Total Space | 16.71 Gb Free Space | 25.12% Space Free | Partition Type: NTFS
Drive D: | 7.68 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 7.76 Gb Total Space | 0.47 Gb Free Space | 6.07% Space Free | Partition Type: NTFS
Computer Name: MOBILE | User Name: Virginia1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"427:UDP" = 427:UDP:*:Enabled:SLP_Port(427)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"20001:UDP" = 20001:UDP:*:Enabled:MicroSAN
"80:TCP" = 80:TCP:*:Enabled:Web
"427:UDP" = 427:UDP:*:Enabled:SLP_Port(427)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Robert\Local Settings\Temp\7zS0EAA\setup\HPZnui01.exe" = C:\Documents and Settings\Robert\Local Settings\Temp\7zS0EAA\setup\HPZnui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)
"C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe" = C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
"C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe" = C:\Program Files\EA GAMES\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam -- ()
"C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe" = C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)
"C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Enabled:McAfee Data Backup
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD" = C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD:*:Enabled:Age of Empires II -- (Microsoft Corporation)
"C:\Program Files\Atari\Risk II\RiskII.exe" = C:\Program Files\Atari\Risk II\RiskII.exe:*:Enabled:Risk II -- (Deep Red Games Ltd)
"C:\Program Files\FarStone\GameDrive\MGR.exe" = C:\Program Files\FarStone\GameDrive\MGR.exe:*:Disabled:VirtualDrive MGR -- (FarStone Technology Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe" = C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe:*:Enabled:BF1942 -- ()
"C:\Program Files\Diablo\diablo.exe" = C:\Program Files\Diablo\diablo.exe:*:Disabled:Diablo -- (Blizzard Entertainment)
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\1131163763\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1131163763\EE\AOLServiceHost.exe:*:Disabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Disabled:AOLTopSpeed
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Disabled:AOLTsMon
"D:\Autorun.exe" = D:\Autorun.exe:*:Disabled:CD navigator
"C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Enabled:SAgent4
"C:\Program Files\Hasbro Interactive\Battleship SURFACE THUNDER\Battleship2.exe" = C:\Program Files\Hasbro Interactive\Battleship SURFACE THUNDER\Battleship2.exe:*:Enabled:Battleship SURFACE THUNDER -- (Meyer/Glass Interactive-10955 Golden West Drive-Hunt Valley-MD-21031)
"C:\Documents and Settings\Robert\Local Settings\Temp\7zS0EAA\setup\HPZnui01.exe" = C:\Documents and Settings\Robert\Local Settings\Temp\7zS0EAA\setup\HPZnui01.exe:*:Enabled:hpznui01.exe
"D:\bin\IA\Core\MDM_Util.exe" = D:\bin\IA\Core\MDM_Util.exe:*:Enabled:MDM_Util
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}" = Atheros Wireless LAN MiniPCI card Driver
"{05E740C4-0F88-4673-9DAF-549E41A6CB21}" = AVG 2011
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{28F9CB51-2F81-40BF-9545-6FD1FCB1AC44}" = Risk II
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{548EAC70-EE00-11DD-908C-005056806466}" = Google Earth
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}" = Atheros Client Utility
"{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}" = Roxio Easy Media Creator 7 Basic DVD Edition
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78AC18A2-12A9-4102-B0B7-C7558182D212}" = C6300
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{7BD42C12-74D1-4804-B24D-D21E25D4E3CF}" = PS_AIO_04_C6300_ProductContext
"{7D543DFE-6459-462A-9A62-B5B012B1DCF1}" = AVG 2011
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88D18C5E-5113-4A1E-8EC9-2B7E24688A14}" = PS_AIO_04_C6300_Software_Min
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{9074AFC0-CFDA-11DE-B484-005056806466}" = Google Earth
"{909354DE-C180-4B00-B61F-9A6D805E5796}" = Battlefield 1942 Secret Weapons of WWII Demo
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{99832252-D489-4276-B961-6D505CF0AFAA}" = PS_AIO_04_C6300_Software
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9EDC4EA1-558A-4297-9BCB-F36E572E6B1D}" = C6300_Help
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA8DF709-6BAB-4092-91E0-4D67EFC12A98}" = HP Photosmart C6300 All-In-One Driver Software 12.0 Rel .4
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BE3F89C0-42D5-11D5-A40A-00105AC8331A}" = Metamail (Toshiba Registration Utility)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster for Battlefield Vietnam
"{D5BB0907-4BB2-46A3-AA68-0173D111058D}" = GameDrive
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{EBCCE08A-B3EE-40E7-96D7-31741D481015}" = No One Lives Forever 2
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EE3E60BC-F29F-4E7B-A110-B538387D34DA}" = No One Lives Forever - Game of the Year Edition
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F251B999-08A9-4704-999C-9962F0DFD88E}" = Virtual Desktop Manager Powertoy for Windows XP
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Age of Empires" = Microsoft Age of Empires
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"All ATI Software" = ATI - Software Uninstall Utility
"Arthur's Kindergarten" = Arthur's Kindergarten
"Arthur's Math Games" = Arthur's Math Games
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"Battleship SURFACE THUNDER" = Battleship SURFACE THUNDER
"Caillou Ready For School" = Caillou Ready For School
"CareBears Catch A Star" = CareBears Catch A Star (remove only)
"CloneDVD2" = CloneDVD2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo" = Diablo
"Dogz" = Dogz (remove only)
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVDFab 7_is1" = DVDFab 7.0.9.3 (08/08/2010)
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"ERUNT_is1" = ERUNT 1.1j
"F1562C4E4C283E13CDA36F5FD2989D4B7D232B6C" = Windows Driver Package - ATEQ S.A (usbser) Ports (04/02/2009 6.1.2600.0)
"First Thousand Words" = First Thousand Words
"Free Download Manager_is1" = Free Download Manager 2.5
"Google Updater" = Google Updater
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InterActual Player" = InterActual Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Power Saver" = TOSHIBA Power Saver
"PuTTY_is1" = PuTTY version 0.60
"Revo Uninstaller" = Revo Uninstaller 1.93
"SAMSUNG Android USB Modem" = SAMSUNG Android USB Modem Software
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Scholastic's I SPY Junior Puppet Playhouse" = Scholastic's I SPY Junior Puppet Playhouse
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Land Before Time Kindergarten Adventure" = The Land Before Time Kindergarten Adventure
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Transition Math K-1" = Transition Math K-1
"Tweak UI 2.10" = Tweak UI
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.4
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/21/2011 9:44:34 AM | Computer Name = MOBILE | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2572073,
P2 1033, P3 1618, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 10/23/2011 7:29:46 PM | Computer Name = MOBILE | Source = ESENT | ID = 481
Description = svchost (1268) An attempt to read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
at offset 675840 (0x00000000000a5000) for 4096 (0x00001000) bytes failed with system
error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation
will fail with error -1022 (0xfffffc02). If this error persists then the file
may be damaged and may need to be restored from a previous backup.
Error - 10/23/2011 7:31:44 PM | Computer Name = MOBILE | Source = ESENT | ID = 481
Description = svchost (1268) An attempt to read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
at offset 610304 (0x0000000000095000) for 4096 (0x00001000) bytes failed with system
error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation
will fail with error -1022 (0xfffffc02). If this error persists then the file
may be damaged and may need to be restored from a previous backup.
Error - 10/23/2011 7:32:01 PM | Computer Name = MOBILE | Source = ESENT | ID = 481
Description = svchost (1268) An attempt to read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
at offset 634880 (0x000000000009b000) for 4096 (0x00001000) bytes failed with system
error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation
will fail with error -1022 (0xfffffc02). If this error persists then the file
may be damaged and may need to be restored from a previous backup.
Error - 10/23/2011 8:36:41 PM | Computer Name = MOBILE | Source = Application Hang | ID = 1002
Description = Hanging application RiskII.exe, version 1.0.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/23/2011 8:36:59 PM | Computer Name = MOBILE | Source = Application Hang | ID = 1001
Description = Fault bucket 02205014.
Error - 10/26/2011 8:47:52 PM | Computer Name = MOBILE | Source = Ci | ID = 4124
Description = Content index on c:\system volume information\catalog.wci is corrupt.
Please shutdown and restart the Indexing Service (cisvc).
Error - 10/26/2011 8:47:52 PM | Computer Name = MOBILE | Source = Ci | ID = 4126
Description = Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci.
Index will be automatically restored by refiltering all documents.
Error - 10/26/2011 9:25:22 PM | Computer Name = MOBILE | Source = ESENT | ID = 481
Description = svchost (1252) An attempt to read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
at offset 667648 (0x00000000000a3000) for 4096 (0x00001000) bytes failed with system
error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation
will fail with error -1022 (0xfffffc02). If this error persists then the file
may be damaged and may need to be restored from a previous backup.
Error - 10/26/2011 10:01:58 PM | Computer Name = MOBILE | Source = ESENT | ID = 481
Description = svchost (1252) An attempt to read from the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
at offset 446464 (0x000000000006d000) for 4096 (0x00001000) bytes failed with system
error 23 (0x00000017): "Data error (cyclic redundancy check). ". The read operation
will fail with error -1022 (0xfffffc02). If this error persists then the file
may be damaged and may need to be restored from a previous backup.
[ System Events ]
Error - 11/2/2011 1:01:22 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 1:11:45 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 1:11:50 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 1:11:54 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 1:39:54 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 1:39:58 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 1:40:02 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/2/2011 8:28:50 AM | Computer Name = MOBILE | Source = Service Control Manager | ID = 7000
Description = The McAfee Real-time Scanner service failed to start due to the following
error: %%3
Error - 11/2/2011 8:29:13 AM | Computer Name = MOBILE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
KR10N
Error - 11/2/2011 8:46:55 AM | Computer Name = MOBILE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
< End of report >
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
