Parts of Windows Going Blank

**CyCat** · 07-06-2012, 06:01 AM

My computer has started doing this weird blanking-out thing where sections of text disappear, not just from pages I view, but from the windows themselves. After it does this, I can click things and the cursor will change, but nothing changes on the screen. If I hit CTRL-ALT-DEL and open the task manager, the TM window never shows up. It won't even let me shut down the computer. The only thing I can do to stop it is to manually turn off the computer. Once I turn it back on, the computer is normal until it goes blank again.

I'm not sure if this is related, but whenever I search for something on Google, the first result I click (even if it's not the first result on the page) will bring up a window with a redirecting site. However, if I close that window and click the same result again, it lets me go to the right page.

I don't know if these issues are caused by some kind of memory problem or some form of malware, but the blanking out thing comes and goes. I'm not sure if it's caused by the computer being on too long or by me using a specific program that triggers it (the only ones I've used lately are MS Word, Internet Explorer, MS Paint, Avast, MBA-M, and spider solitaire). The only recent change in the computer is that we changed our internet service from high-speed to DSL.

Here is my most recent MBA-M log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.04.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Loren :: HP_MEDIA_CENTER [administrator]

7/4/2012 5:43:04 PM
mbam-log-2012-07-04 (17-43-04).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 691264
Time elapsed: 4 hour(s), 57 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCR\Interface\{77777777-7777-7777-7777-770077227758} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

~~~~~~~~~~~~~~~~~~~~~~

Here's the ESET log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=8d4da9b111ef5a47b0c55a9656cdd22a
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-04 09:33:23
# local_time=2012-07-04 04:33:23 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 109629481 109629481 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=271364
# found=6
# cleaned=6
# scan_time=22746
C:\Documents and Settings\Don\Application Data\Mozilla\Firefox\Profiles\xsoe2qdn.default\ext ensions\{b9be8754-9fd8-4bb2-b9ce-463db8c1db81}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions\{b9be8754-9fd8-4bb2-b9ce-463db8c1db81}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll a variant of Win32/Kryptik.AHUY trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Loren\Local Settings\Temp\NODDBA.tmp a variant of Win32/Kryptik.AHUY trojan (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\5KT3V8PQ\superfish-1.4.8[1].js JS/Agent.NEJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\11lfjxat.default\ext ensions\{b9be8754-9fd8-4bb2-b9ce-463db8c1db81}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

~~~~~~~~~~~~~~~~~~~~~~

The DDS scan ran, but never gave me a log file, even though I ran it two or three times. Sorry about that.

**jholland1964** · 07-08-2012, 03:30 PM

Sorry it has taken so long for you to receive a reply, we are pretty short handed here.

When the DDS scan was run did you actually see the command box when the scan was running?
Delete the DDS scanner that you have and download a brand new copy and then try running DDS in Safe mode and see if you can get a log.

**CyCat** · 07-10-2012, 07:49 PM

No problem.

Yes, I saw the command box running. After it finished, the window telling you to post the logs to the forum came up, but the logs themselves never appeared. I uninstalled and reinstalled the scanner and ran it in safe mode, but, again, there were no logs.

There's also a new development- Although I'm no longer being redirected, when I log on, a window pops up saying this:
RUNDLL

Error loading C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll

The specified module could not be found.

And today, when I opened IE, the window asked me if I wanted to restore my last browsing session. I said yes, and it seemed to start doing it, but a second later, IE closed down. I tried to open IE twice more, but it would just close down again. I finally opened it without add-ons, then opened it normally, and that worked.

And there is an old issue that I forgot to mention in my first post: Whenever I first log on, for just the briefest moment, I see the outline of a window come up and disappear. It never stays up long enough for me to tell what it is, though.

**jholland1964** · 07-10-2012, 08:04 PM

After it finished, the window telling you to post the logs to the forum came up, but the logs themselves never appeared. I uninstalled and reinstalled the scanner and ran it in safe mode, but, again, there were no logs.

How long did you wait for the logs to appear? They take more than a few minutes to appear, the logs are very long and there are two of them. The command box itself will disappear and THEN the message about posting logs as shown in my attachment and in order to get the logs you need to click OK. Did you do this?

**CyCat** · 07-11-2012, 09:39 PM

I re-ran the test in both normal and safe mode, and waited an hour after each. Still no logs.

**jholland1964** · 07-11-2012, 09:53 PM

Did you click the OK Button on the information box about creating logs? It isn't going to show you those logs until you do, which that box tells you
"The logs will appear after you have closed this window", meaning you have to click OK to close the window.

**CyCat** · 07-11-2012, 11:51 PM

Yes, I hit OK.

**jholland1964** · 07-12-2012, 08:50 PM

Well try one more program:
Please download OTL by OldTimer and save it to your Desktop.Close all other applications and windows so that you have nothing open.
Double click on the

icon on your desktop.

Under Output, ensure that Minimal Output is selected.
Click the "Scan All Users" checkbox.
Leave the remaining selections to the default settings.
Click the button.
Do not use the computer while the scan is in progress.
When the scan is complete, two log files will open in Notepad:
- OTListIt.txt <- (will be maximized)
- Extras.txt <- (will be minimized in the Task Bar).
Both logs are automatically saved to the Desktop.
Please copy and paste the contents of OTListIt.txt and Extras.txt in your next reply.
If the Extras.txt log is too long, you may need to add a second reply to your thread or upload it as an attachment.
Click the red X in the upper right corner to exit OTL.

**CyCat** · 07-12-2012, 11:04 PM

OTL logfile created on: 7/11/2012 4:11:29 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Program Files
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.38% Memory free
2.60 Gb Paging File | 2.23 Gb Available in Paging File | 85.50% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.83 Gb Total Space | 26.85 Gb Free Space | 18.67% Space Free | Partition Type: NTFS
Drive D: | 5.19 Gb Total Space | 0.91 Gb Free Space | 17.45% Space Free | Partition Type: FAT32
Drive F: | 7.68 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: HP_MEDIA_CENTER | User Name: Loren | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/11 16:10:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2012/07/03 11:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 11:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/03 11:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011/07/29 04:30:30 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/07/29 04:30:28 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/07/29 04:30:28 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/01/26 15:45:56 | 000,870,120 | ---- | M] () -- C:\WINDOWS\system32\atwtusb.exe
PRC - [2010/12/24 16:31:06 | 007,134,952 | ---- | M] () -- C:\WINDOWS\system32\WTMKM.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/08/30 08:09:33 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

========== Modules (No Company Name) ==========

MOD - [2012/07/11 13:53:34 | 001,782,272 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12071102\algo.dll
MOD - [2011/01/26 15:45:56 | 000,870,120 | ---- | M] () -- C:\WINDOWS\system32\atwtusb.exe
MOD - [2010/12/24 16:31:06 | 007,134,952 | ---- | M] () -- C:\WINDOWS\system32\WTMKM.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\vssvc.exe -- (VSS)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - File not found [Disabled | Stopped] -- LxrJD31s.exe -- (LxrJD31s)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dmadmin.exe /com -- (dmadmin)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\system32\Ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2012/07/03 11:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/03 11:21:27 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011/07/29 04:30:30 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/07/29 04:30:28 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/01/26 15:45:56 | 000,870,120 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\atwtusb.exe -- (WTService)
SRV - [2008/01/29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/10/01 14:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/07/15 23:50:09 | 000,036,864 | ---- | M] (C-Dilla Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2005/10/06 19:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfilt.sys -- (SunkFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C160937-232B-4BEC-A273-D5818A86A444}\MpKsl41b2ff5a.sys -- (MpKsl41b2ff5a)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/03 11:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 11:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 11:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 11:21:53 | 000,202,928 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/07/03 11:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 11:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 11:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 11:21:53 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/07/03 11:21:52 | 000,113,776 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/07/03 11:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/12/18 18:42:20 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/09/06 15:10:01 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2011/01/27 09:16:16 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/06/11 13:33:48 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/04/28 08:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/03/07 12:00:03 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/08/20 19:38:24 | 000,006,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\walvhid.sys -- (vhidmini)
DRV - [2009/03/08 20:15:14 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2008/04/13 13:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2006/02/21 20:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/12/12 17

00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/11/03 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/11/03 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/09/25 16

20 | 000,069,824 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2005/01/08 18:09:35 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/10/01 10:24:00 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/07/22 11:36:16 | 000,042,240 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2plms.sys -- (ser2plms)
DRV - [2004/04/27 19:54:23 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/03/24 14:03:50 | 000,034,060 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - [2003/12/12 19:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/12/11 23:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/10/01 18:41:28 | 000,177,664 | ---- | M] (Emuzed, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EvcapMau.sys -- (EvcapMaui)
DRV - [2003/09/24 15:53:56 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr.sys -- (UdfReadr)
DRV - [2003/09/19 14:47:24 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/05/13 20:50:06 | 000,032,640 | ---- | M] (Canon Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\accskmd.sys -- (ACCSKMD)
DRV - [2003/03/06 13:48:08 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/06/21 18:42:50 | 000,008,224 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)
DRV - [2001/08/23 14:00:00 | 000,022,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [2001/08/17 14:46:40 | 000,006,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\enum1394.sys -- (ENUM1394)
DRV - [2001/08/17 13:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)
DRV - [2001/07/27 15:51:40 | 000,006,440 | ---- | M] (Aplix Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\APLIX2K.SYS -- (Aplix2k)
DRV - [2001/01/08 04:53:24 | 000,015,576 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbbc.sys -- (Wdm1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsoft.com/search/lobby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = A0 0E 76 0E 36 5A B4 49 A0 BB FD 43 C1 46 1E EB [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = A0 0E 76 0E 36 5A B4 49 A0 BB FD 43 C1 46 1E EB [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = A0 0E 76 0E 36 5A B4 49 A0 BB FD 43 C1 46 1E EB [binary data]
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = A0 0E 76 0E 36 5A B4 49 A0 BB FD 43 C1 46 1E EB [binary data]
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.micros oft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com/
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = A0 0E 76 0E 36 5A B4 49 A0 BB FD 43 C1 46 1E EB [binary data]
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\SearchScopes\{2B57C2B1-C561-4F36-8459-2772236669AB}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}&rlz=1I7GGLL_ en
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\SearchScopes\{46E12837-4909-6340-D713-EB52F116F548}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z006&form=ZGAIDF
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z006&form=ZGAADF&q="
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?pc=Z006&form=ZGAPHP"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Loren\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Loren\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/04 14:04:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/27 14:10:07 | 000,000,000 | ---D | M]

[2010/06/08 09:41:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Loren\Application Data\Mozilla\Extensions
[2012/06/29 21:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions
[2010/03/07 11:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/07/04 11:26:59 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions\{b9be8754-9fd8-4bb2-b9ce-463db8c1db81}
[2010/03/07 11:18:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2012/05/05 10:24:49 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions\crossriderapp2258@crossrider.com
[2010/03/07 11:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\ext ensions\staged-xpis
[2010/08/30 18:39:18 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Loren\Application Data\Mozilla\Firefox\Profiles\8v6ap3vz.default\sea rchplugins\bing-zugo.xml
[2012/07/03 20:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/07 11:18:04 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\LOREN\APPLICATION DATA\MOVE NETWORKS
[2006/05/21 21:15:12 | 000,060,518 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll
[2006/05/21 21:15:12 | 000,049,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll
[2006/05/21 21:15:12 | 000,165,992 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll
[2012/03/28 23:35:10 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2006/01/02 11:15:46 | 001,312,392 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2006/04/23 00:59:54 | 000,000,680 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.png
[2006/04/23 00:59:53 | 000,000,741 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.src
[2006/04/23 00:59:54 | 000,001,150 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.png
[2006/04/23 00:59:53 | 000,000,539 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.src
[2006/04/23 00:59:54 | 000,000,356 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.png
[2006/04/23 00:59:53 | 000,001,007 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.src
[2006/04/23 00:59:53 | 000,000,210 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.gif
[2006/04/23 00:59:53 | 000,001,056 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.src
[2006/04/23 00:59:54 | 000,001,076 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.gif
[2006/04/23 00:59:53 | 000,000,718 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.src
[2006/04/23 00:59:53 | 000,000,088 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.gif
[2006/04/23 00:59:54 | 000,001,122 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.src

O1 HOSTS File: ([2006/02/16 23:48:01 | 000,000,772 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\ShellBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\WebBrowser: (no name) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\WebBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O3 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MacrokeyManager] C:\WINDOWS\System32\WTMKM.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\.DEFAULT..\Run: [Apple Computer] rundll32.exe "C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll",CreateInstance File not found
O4 - HKU\S-1-5-18..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\S-1-5-18..\Run: [Apple Computer] rundll32.exe "C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll",CreateInstance File not found
O4 - HKU\S-1-5-19..\Run: [Apple Computer] rundll32.exe "C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll",CreateInstance File not found
O4 - HKU\S-1-5-20..\Run: [Apple Computer] rundll32.exe "C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll",CreateInstance File not found
O4 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006..\Run: [Apple Computer] rundll32.exe "C:\Documents and Settings\Loren\Local Settings\Application Data\ApplicationHistory\Apple Computer\wlvohg.dll",CreateInstance File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\autotbar.exe ()
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\mod_sm.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Don\Start Menu\Programs\Startup\DrgToDsc.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: _NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461 B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk File not found
O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..Trusted Domains: booksamillion.com ([secure] https in Trusted sites)
O15 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..Trusted Domains: campvictoryal.org ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-2686116497-4067429917-283727249-1006\..Trusted Domains: centurylink.net ([install] https in Trusted sites)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.adelphia.net/sdcc...d/tgctlins.cab (Support.com Installer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://activation.rr.com/install/downloads/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/downlo...OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {131EB16C-BD58-443F-8151-6DFBB0DA1778} http://install.anark.com/client/vers...n/AMClient.cab (Anark Client 3.0 ActiveX Control)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/s...re/awswaxf.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://download.microsoft.com/downlo...?1074717425015 (MSSecurityAdvisor Class)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} http://www.symantec.com/techsupp/asa/LSSupCtl.cab (LSSupCtl Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/downlo...22/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeup...tent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab (Reg Error: Key error.)
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} http://www.my-etrust.com/Extern/Road...n/pestscan.cab (PSFormX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/wind...?1341345311666 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/S.../bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsof...?1118280725140 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/F...ansferCtrl.cab (DLC Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-centives.com/cif/dow...in/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/sof...iveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx (Get_ActiveX Control)
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/Ms...Downloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security.symantec.com/sscv6/S.../bin/cabsa.cab (Symantec RuFSI Registry Information Class)
O16 - DPF: {CAFECAFE-0013-0001-0018-ABCDEFABCDEF} Reg Error: Value error. (JInitiator 1.3.1.18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get...nt/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} http://install.anark.com/client/vers...n/AMClient.cab (Anark Client ActiveX Control)
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} http://liveca12.custhelp.com/7530-b3.../java/RntX.cab (Live Collaboration)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326 (QDiagHUpdateObj Class)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab (IWinAmpActiveX Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HP_Media_Center_m385c
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{52619888-9E6D-44AE-82A1-4D3DFF8761B3}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Loren\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Loren\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/19 23:45:03 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 03:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2002/07/15 08:56:14 | 000,000,073 | R--- | M] () - F:\AUTORUN.INF -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/11 16:10:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2012/07/09 13:09:20 | 000,607,260 | R--- | C] (Swearware) -- C:\Program Files\dds.scr
[2012/07/04 10:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/07/03 23:59:24 | 000,000,000 | ---D | C] -- C:\c98007429f43e43d5c35
[2012/07/03 21:21:33 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Program Files\tdsskiller.exe
[2012/07/03 20:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/07/03 20:38:33 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Program Files\JavaSetup7u5.exe
[2012/07/03 16:13:11 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012/07/03 16:11:02 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/07/03 15:31:48 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012/07/03 15:30:13 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012/07/03 14:56:07 | 000,015,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012/06/27 14:03:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/17 05:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/17 05:52:42 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/17 05:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/17 05:49:39 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe
[2011/12/19 20:44:49 | 000,909,600 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\JavaSetup6u30.exe
[2011/12/14 21:07:09 | 025,740,256 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu2.exe
[2011/12/14 20:53:58 | 025,740,256 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-enu.exe
[21 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Loren\Desktop\*.tmp files -> C:\Documents and Settings\Loren\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Loren\*.tmp files -> C:\Documents and Settings\Loren\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/11 16:20:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99FBAE52-9C41-41A3-945E-7347078791F8}.job
[2012/07/11 16:10:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2012/07/11 11:11:22 | 000,483,004 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/11 11:11:22 | 000,080,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/11 11:08:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/11 11:08:54 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/11 11:06:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/11 11:06:41 | 2146,816,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/11 11:06:41 | 000,443,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/11 00:26:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/09 20:21:10 | 000,000,511 | ---- | M] () -- C:\Documents and Settings\Loren\Desktop\Shortcut to dds.scr.lnk
[2012/07/09 18:43:30 | 000,015,302 | ---- | M] () -- C:\Documents and Settings\Loren\.recently-used.xbel
[2012/07/09 13:09:21 | 000,607,260 | R--- | M] (Swearware) -- C:\Program Files\dds.scr
[2012/07/07 11:04:13 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/05 14:52:56 | 000,003,471 | ---- | M] () -- C:\Documents and Settings\Loren\Desktop\READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker) - MajorGeeks Support Forums.url
[2012/07/05 00:16:28 | 000,000,390 | ---- | M] () -- C:\Documents and Settings\Loren\Desktop\Top prevention apps that dont eat up resources like mad.url
[2012/07/03 21:21:28 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\tdsskiller.exe
[2012/07/03 20:46:14 | 000,000,388 | ---- | M] () -- C:\Documents and Settings\Loren\My Documents\spider.sav
[2012/07/03 20:38:36 | 000,893,936 | ---- | M] (Oracle Corporation) -- C:\Program Files\JavaSetup7u5.exe
[2012/07/03 11:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/03 11:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/03 11:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/03 11:21:53 | 000,202,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2012/07/03 11:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/03 11:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/03 11:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/03 11:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/03 11:21:53 | 000,018,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2012/07/03 11:21:52 | 000,113,776 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2012/07/03 11:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/03 11:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/03 11:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/27 14:10:08 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/06/19 00:23:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/19 00:23:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/17 05:52:46 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/17 05:49:44 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe
[2012/06/13 08:19:59 | 001,866,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/06/13 08:19:59 | 001,866,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[21 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Loren\Desktop\*.tmp files -> C:\Documents and Settings\Loren\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Loren\*.tmp files -> C:\Documents and Settings\Loren\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/10 15:14:37 | 2146,816,000 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/09 20:21:10 | 000,000,511 | ---- | C] () -- C:\Documents and Settings\Loren\Desktop\Shortcut to dds.scr.lnk
[2012/07/09 18:43:30 | 000,015,302 | ---- | C] () -- C:\Documents and Settings\Loren\.recently-used.xbel
[2012/07/07 11:04:13 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/05 00:16:37 | 000,000,390 | ---- | C] () -- C:\Documents and Settings\Loren\Desktop\Top prevention apps that dont eat up resources like mad.url
[2012/07/03 15:47:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/07/03 15:47:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/07/03 14:39:39 | 000,000,844 | ---- | C] () -- C:\Documents and Settings\Loren\Desktop\Internet Explorer (No Add-ons) (2).lnk
[2012/06/27 14:07:05 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2012/06/27 14:07:05 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/06/17 05:52:46 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/03 09:51:26 | 007,134,952 | ---- | C] () -- C:\WINDOWS\System32\WTMKM.exe
[2012/01/03 09:51:25 | 003,683,560 | ---- | C] () -- C:\WINDOWS\System32\Control Panel_Betteryless.exe
[2012/01/03 09:51:24 | 000,835,072 | ---- | C] () -- C:\WINDOWS\RmTablet.exe
[2012/01/03 09:50:42 | 008,057,991 | ---- | C] () -- C:\Program Files\CTv411.zip
[2011/12/18 18:38:15 | 000,771,072 | ---- | C] () -- C:\Program Files\RogueKiller.exe
[2011/11/27 04:14:41 | 000,010,513 | ---- | C] () -- C:\WINDOWS\System32\Default_3.ini
[2011/11/27 04:14:41 | 000,010,251 | ---- | C] () -- C:\WINDOWS\System32\Default_2.ini
[2011/11/27 04:14:41 | 000,009,868 | ---- | C] () -- C:\WINDOWS\System32\Default_1.ini
[2011/11/27 04:14:41 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\MKProfile.ini
[2011/11/27 04:14:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\InstallService.exe
[2011/11/27 04:14:39 | 000,870,120 | ---- | C] () -- C:\WINDOWS\System32\atwtusb.exe
[2011/11/27 04:14:39 | 000,148,200 | ---- | C] () -- C:\WINDOWS\System32\Calibration.exe
[2011/11/27 04:14:39 | 000,010,686 | ---- | C] () -- C:\WINDOWS\System32\aiptbl.ini
[2011/10/13 12:53:31 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/10/12 23:28:49 | 000,005,474 | ---- | C] () -- C:\Documents and Settings\Loren\Application Data\78426563
[2011/10/12 23:13:11 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Loren\Application Data\8f3a1299
[2011/10/12 23:12:54 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Loren\Application Data\6fe7ed66
[2011/07/19 02:52:18 | 000,005,814 | -HS- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\78088ge267pi18h0pgt1h126x7vx7x62cv42ml42ld
[2011/07/19 02:52:18 | 000,005,814 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\78088ge267pi18h0pgt1h126x7vx7x62cv42ml42ld
[2011/07/12 00:24:44 | 000,005,908 | -HS- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\7o6hg12ltxma4w6
[2011/07/12 00:24:44 | 000,005,908 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7o6hg12ltxma4w6
[2011/06/30 20:06:20 | 000,011,962 | -HS- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\k5ihj1v20246mi
[2011/06/30 20:06:20 | 000,011,962 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\k5ihj1v20246mi
[2011/05/13 12:06:01 | 000,013,566 | -HS- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\13nnf18pd0364y8w46p0i346m583t86kk1odd1c8w0
[2011/05/13 12:06:01 | 000,013,566 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\13nnf18pd0364y8w46p0i346m583t86kk1odd1c8w0
[2011/04/18 13:37:27 | 000,009,802 | -HS- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\23p2ct64n5i40
[2011/04/18 13:37:27 | 000,009,802 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\23p2ct64n5i40
[2011/02/10 15:10:29 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/27 14:17:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2010/03/17 05:55:29 | 000,027,210 | ---- | C] () -- C:\Documents and Settings\Loren\Application Data\Personal Address Book.ADR
[2010/03/03 17:12:43 | 000,012,758 | -HS- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\g0kGW74PfDq4
[2006/02/28 19:18:17 | 000,000,944 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/03/20 20:31:56 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2004/10/09 08:06:30 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2004/04/25 13:59:38 | 002,726,658 | ---- | C] () -- C:\Documents and Settings\All Users\Bristols' email error.bmp
[2004/01/21 18:44:15 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Loren\.plugin141_02.trace
[2004/01/20 18:40:00 | 000,084,992 | ---- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/20 18:40:00 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Loren\Local Settings\Application Data\fusioncache.dat

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB27310$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP

FC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

**CyCat** · 07-12-2012, 11:07 PM

OTL Extras logfile created on: 7/11/2012 4:11:29 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Program Files
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 71.38% Memory free
2.60 Gb Paging File | 2.23 Gb Available in Paging File | 85.50% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.83 Gb Total Space | 26.85 Gb Free Space | 18.67% Space Free | Partition Type: NTFS
Drive D: | 5.19 Gb Total Space | 0.91 Gb Free Space | 17.45% Space Free | Partition Type: FAT32
Drive F: | 7.68 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: HP_MEDIA_CENTER | User Name: Loren | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
"5985:TCP" = 5985:TCP:*

isabled:Windows Remote Management
"80:TCP" = 80:TCP:*

isabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res. dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res. dll,-22019
"C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe" = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe:*:Enabled:BackWeb-137903
"C:\Program Files\Juno\bin\juno.exe" = C:\Program Files\Juno\bin\juno.exe:*:Enabled:Juno
"C:\Program Files\Hewlett-Packard\HP DeskJet 1220C Toolbox\HPW8TBX.exe" = C:\Program Files\Hewlett-Packard\HP DeskJet 1220C Toolbox\HPW8TBX.exe:*:Enabled:Toolbox for HP Printing System for Windows -- (Hewlett-Packard Company)
"C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade
"C:\Program Files\Common Files\4WARN\TrueWeather.exe" = C:\Program Files\Common Files\4WARN\TrueWeather.exe:*:Enabled:TrueWeather
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{031C88EF-4EA5-4A9D-A77D-857A914CAFA5}" = ScanSoft RealSpeak
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{047815FB-4E38-42D5-95CB-8A131DDD8668}" = Microsoft Windows Theme Nunavut
"{0613467F-A45E-4CB1-9ECE-1F3DD79FB927}" = Easy Internet Sign-up
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0DDFF679-AEDE-4BD3-8B56-0180A96BD1A7}" = OmniPage Pro 12.0
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{155FBB0D-0EE9-42D1-9E41-15E08F691033}" = Microsoft Producer for Microsoft Office PowerPoint 2003
"{16D9439B-DF3D-43D1-A727-4B335300D07A}" = OverDrive Media Console
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2236B741-6631-49AE-B76E-3E14CA01CC87}" = RemoteCapture Task
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24E7B19B-EA09-483F-8735-97DD371E861B}" = SA32xx Media Converter
"{27D0C7AB-59F1-4D4D-A0BB-05A31AC919EA}" = Windows XP Winter Fun Pack Screensavers
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39B1915D-3CBA-42F8-8A58-2AB5587BF863}" = Microsoft Office PowerPoint 2003 Template Creation Wizard
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3FE455E3-85CD-4727-A82E-084014614D95}" =
"{42948B02-7191-40CF-92AA-4E330869B28B}" = HPIZ Fix2
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{595D0DE8-C38A-4432-B851-47DECC1A99BD}" = HP Unload DLL Patch
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{619B8475-0F48-41B7-A370-5147F7092989}" = Virtual Earth 3D (Beta)
"{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}" = Windows Rights Management Client with Service Pack 2
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{67E4EE98-59F4-4210-89A6-A20AF5BEC689}" = Microsoft Streets and Trips 2005 with USB GPS
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68249B6E-B714-11D7-88E8-0050DA21757E}" = Oracle JInitiator 1.3.1.18
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{7501B512-0E3E-4259-A836-A97327C2368D}" = Microsoft Security Risk Self-Assessment Tool
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{796ADAFF-7C5B-4CED-BA11-55A3644F1E0D}" = HP Photo and Imaging 2.2 - Scanjet 3970 Series
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{7CDC26F7-D6BF-442A-B599-0075A48310F7}" = SA32xx Device Manager
"{808FAA20-4C3A-11D4-8A57-00201853C903}" = PC-Linq
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90AB0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 1
"{90AC0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 2
"{90AD0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 3
"{90AD8C11-ED4A-4AE7-BB70-7740C452C999}" = Visual J# .NET Redistributable Package
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{94F9723E-900A-43C5-8F4E-AD2D2ED09273}" = Microsoft Visio Viewer 2002
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Camera Window
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A73EFA95-4872-4AE3-8EE9-10D2E2D713CF}" = RoadRunner
"{AA428090-A5C2-11D4-8B8B-0050BA89596C}" = Ultimate Financial Calculator
"{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE98861E-5D55-4787-9E18-6A054783D124}" = Windows XP Creativity Fun Packs - Windows Media Player 9 Series
"{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}" = PaperPort 8.0
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B662D841-AAA0-41E8-B2AB-E374560DC5B1}" = Multimedia Card Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}" = Canon PhotoRecord
"{C05E2D43-A05F-4835-A15C-CD0AD1576506}" = PhotoStitch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C4868E88-F5B5-4E45-9592-C7062BD97441}" = Symantec Technical Support Web Controls
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFD1B282-555D-494d-8231-4175C2AF08C2}" = PrintScreen
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D57ACD92-6A27-43BB-B3AE-894930940D41}" = SA32xx Media Converter
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DA3E6578-3CA9-4869-957B-1C4B8CCB6384}" = MotionDV STUDIO 3
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC1D7AD2-583A-4024-9041-387E8FFA5D8C}" = MediaFACE II
"{DF15059E-A356-47B2-B14B-6380ED32AB68}" = Microsoft Baseline Security Analyzer 1.2.1
"{E0343A4C-2FFD-4CCB-B0EB-5DE9F0E2A083}" = LS_HSI
"{E1423608-F529-40A1-93CA-C7F396F30DF0}" = Google SketchUp
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FAF0DAD8-1EA7-4FEF-80E5-8D8D6EBD5A23}" = RAW Image Task
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCC3BD6A-F118-475D-8748-7EE08EA0AF56}" = HDView for Internet Explorer
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF2A5498-4EFE-430F-A138-7EB365DBEBAD}" = Adobe Shockwave Player 11.6
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe AIR" = Adobe AIR
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"audcle" = Plus! MP3 Audio Converter LE
"avast" = avast! Internet Security
"Avery Wizard 2.1 MSW10" = Avery® Wizard 2.1 for Microsoft® Word 2002
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"BackWeb-137903 Uninstaller" = Updates from HP
"Belarc Advisor 2.0" = Belarc Advisor 6.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B3204 85DF8CE.1" = Acrobat.com
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"DFx.DriverAssembly.cfb7d3fc0ab7f7a3133a6c25509eaf 3479108975" = Windows Driver Package - Realtek Semiconductor Corp. MEDIA 12/12/2003 5.10.00.5410
"DreamAqua" = Dream Aquarium
"drmtool.inf" = Personal License Update Wizard for Windows Media Player
"ESET Online Scanner" = ESET Online Scanner v3
"Graph" = Graph
"HP DeskJet 1220C Printer" = HP DeskJet 1220C Printer
"HP DVD" = HP DVD Writer
"HPTOOLKIT" = toolkit
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Img2Ozf_is1" = Img2Ozf Version 3
"InstallShield_{0613467F-A45E-4CB1-9ECE-1F3DD79FB927}" = Easy Internet Sign-up
"InstallShield_{2236B741-6631-49AE-B76E-3E14CA01CC87}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"InstallShield_{B662D841-AAA0-41E8-B2AB-E374560DC5B1}" = Multimedia Card Reader
"InstallShield_{C05E2D43-A05F-4835-A15C-CD0AD1576506}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"InstallShield_{DA3E6578-3CA9-4869-957B-1C4B8CCB6384}" = MotionDV STUDIO
"InstallShield_{FAF0DAD8-1EA7-4FEF-80E5-8D8D6EBD5A23}" = Canon RAW Image Task for ZoomBrowser EX
"Intel(R) MTH ID Utility" = Intel(R) MTH ID Utility
"Interactive Repair Manuals" = Interactive Repair Manuals
"InterActual Player" = InterActual Player
"IPIX ActiveX Viewer" = iPIX ActiveX Viewer
"Java Web Start" = Java Web Start
"JDSecure" = JD Secure 3.1
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Media Center Solitaire" = Media Center Solitaire
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual J# .NET Redistributable Package(ENU) v1.0.4205" = Microsoft Visual J# .NET Redistributable Package(ENU) v1.0.4205
"mmmusic" = Movie Maker Background Music Files
"mmsounds" = Movie Maker Sound Effects
"mmtitle" = Movie Maker Title Images
"mplibwiz.inf" = Media Library Management Wizard
"mpxlswiz.inf" = Windows Media Player Playlist Import to Excel Wizard
"mpxptray.inf" = Windows Media Player Tray Control
"MVApplication1" = SureThing CD Labeler 4 SE
"MVApplication2" = Memorex exPressit Label Design Studio
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Passport to 35 Languages" = Passport to 35 Languages
"PowerArchiver" = PowerArchiver
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 6.0" = RealPlayer
"RmTablet" = Tablet Driver With Macrokey Manager
"Road Runner Install_is1" = Road Runner Install
"Roxio UDF Reader" = Roxio UDF Reader
"ScanSoft PaperPort Viewer 7.0" = ScanSoft PaperPort Viewer 7.0
"Secunia PSI" = Secunia PSI (2.0.0.4002)
"Shockwave" = Shockwave
"Sibelius Scorch" = Sibelius Scorch
"SkillSoft Course Manager" = SkillSoft Course Manager
"ST6UNST #2" = Detroit Iron Information Systems 2.0
"TATS-DL" = TATS-DL
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
"Textbook Edition" = Textbook Edition
"ToolBook II 6.1 Runtime Files" = ToolBook II 6.1 Runtime Files
"wa2wmp" = Windows Media Player Skin Importer
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Media Center Edition Screen Saver Screen Saver" = Windows XP Media Center Edition Screen Saver Screen Saver
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"Without E - Winamp Visualization" = Without E - Winamp Visualization
"WMBK2" = Windows Media Bonus Pack for Windows XP
"WMCSetup" = Windows Media Connect
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2686116497-4067429917-283727249-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall]
"Move Media Player" = Move Media Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/5/2012 8:20:09 PM | Computer Name = HP_MEDIA_CENTER | Source = Userenv | ID = 1512
Description = Windows cannot unload your registry file. The memory used by the registry
has not been freed. This is often caused by services running as a user account,
try configuring the services to run in either the LocalService or NetworkService
account. If this problem persists, contact your administrator. DETAIL - Insufficient
system resources exist to complete the requested service.

Error - 7/6/2012 5:22:34 PM | Computer Name = HP_MEDIA_CENTER | Source = Windows Media Center Download | ID = 82
Description = Program Guide info not available. Data may be corrupt. Please reboot
and try again.

Error - 7/7/2012 12:25:44 PM | Computer Name = HP_MEDIA_CENTER | Source = Windows Media Center Download | ID = 82
Description = Program Guide info not available. Data may be corrupt. Please reboot
and try again.

Error - 7/8/2012 12:25:55 PM | Computer Name = HP_MEDIA_CENTER | Source = Windows Media Center Download | ID = 82
Description = Program Guide info not available. Data may be corrupt. Please reboot
and try again.

Error - 7/9/2012 4:39:16 AM | Computer Name = HP_MEDIA_CENTER | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module aswwebrepie.dll, version 7.0.1456.418, fault address 0x0004d9fb.

Error - 7/9/2012 12:25:58 PM | Computer Name = HP_MEDIA_CENTER | Source = Windows Media Center Download | ID = 82
Description = Program Guide info not available. Data may be corrupt. Please reboot
and try again.

Error - 7/9/2012 1:41:56 PM | Computer Name = HP_MEDIA_CENTER | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module aswwebrepie.dll, version 7.0.1456.418, fault address 0x0004d9fb.

Error - 7/10/2012 6:06:10 AM | Computer Name = HP_MEDIA_CENTER | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/10/2012 4:15:36 PM | Computer Name = HP_MEDIA_CENTER | Source = Windows Media Center Download | ID = 82
Description = Program Guide info not available. Data may be corrupt. Please reboot
and try again.

Error - 7/11/2012 12:25:45 PM | Computer Name = HP_MEDIA_CENTER | Source = Windows Media Center Download | ID = 82
Description = Program Guide info not available. Data may be corrupt. Please reboot
and try again.

[ System Events ]
Error - 7/11/2012 12:12:13 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

Error - 7/11/2012 12:12:14 PM | Computer Name = HP_MEDIA_CENTER | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}.
The
error: "%2" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe
-secured -Embedding

< End of report >

Thread: Parts of Windows Going Blank

Thread Tools

Display

Hybrid View

Parts of Windows Going Blank

Thread Information

Users Browsing this Thread

Posting Permissions