Askey127,
PC Tools and Semantec up to date. Semantec as you can see is disabled.
Rkill log:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 12/11/2011 at 15:12:32.
Operating System: Windows Vista (TM) Ultimate
Processes terminated by Rkill or while it was running:
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\ehome\mcupdate.EXE
Rkill completed on 12/11/2011 at 15:13:13.
OTL:
OTL logfile created on: 12/11/2011 3:24:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Robert Smith\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 42.45% Memory free
4.24 Gb Paging File | 2.48 Gb Available in Paging File | 58.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 185.33 Gb Free Space | 62.17% Space Free | Partition Type: NTFS
Computer Name: ROBERTSMITH-PC | User Name: Robert Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/12/11 15:20:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert Smith\Desktop\OTL.exe
PRC - [2011/05/15 13:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/01/13 15:17:26 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010/12/08 14:41:58 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/12/08 14:41:58 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/12/08 14:41:54 | 001,893,728 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/12/08 14:41:54 | 001,839,776 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/12/08 14:41:54 | 001,459,568 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010/05/27 12:41:52 | 000,385,024 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010/05/27 10:59:54 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/05/27 10:59:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/23 01:50:12 | 002,079,232 | ---- | M] (OrdinarySoft) -- C:\Program Files\Vista Start Menu\VistaStartMenu.exe
PRC - [2007/08/30 00:05:10 | 000,790,609 | ---- | M] (Belkin International, Inc.) -- C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe
PRC - [2007/05/22 18:17:02 | 000,020,539 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
========== Modules (No Company Name) ========== MOD - [2011/10/13 02:30:48 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/07/05 12:42:16 | 000,091,520 | ---- | M] () -- C:\Program Files\SOS Online Backup\ClientApi.dll
MOD - [2011/04/14 19:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/05/27 10:24:24 | 000,023,040 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (McciCMService)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/12/08 14:41:58 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/12/08 14:41:58 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/12/08 14:41:54 | 001,893,728 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/12/08 14:41:54 | 001,839,776 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/12/08 14:41:54 | 000,357,744 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/09/07 16:05:51 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/05/27 10:59:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/04/21 11:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 11:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/04/11 00:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/22 18:36:48 | 000,061,440 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe -- (Marvell RAID)
SRV - [2007/05/22 18:17:02 | 000,020,539 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe -- (MRUWebService)
========== Driver Services (SafeList) ========== DRV - [2011/11/15 12:05:24 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111202.032\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/15 12:05:24 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111202.032\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/15 03:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/15 03:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/12/29 18:34:58 | 000,125,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/12/08 14:41:58 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/12/08 14:41:58 | 000,284,720 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/12/08 14:41:58 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/12/08 14:41:52 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/12/08 14:41:52 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/12/08 14:41:52 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2010/12/08 14:41:50 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/05/27 11:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/05/27 11:38:24 | 005,586,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/05/27 10:25:18 | 000,209,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 03:21:36 | 000,105,488 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/03 15:33:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/09/03 15:33:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/11/13 19:49:50 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2007/07/26 21:03:00 | 000,058,880 | ---- | M] (silex technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sxuptp.sys -- (sxuptp)
DRV - [2007/05/24 21:29:02 | 000,137,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\mv61xx.sys -- (mv61xx)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehpIE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF 64 FD 0F 8D B3 CC 01 [binary data]
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems:
FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.76
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/12/07 14:25:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011/12/07 14:26:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins [2011/11/11 14:20:02 | 000,000,000 | ---D | M]
[2010/05/12 15:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert Smith\AppData\Roaming\Mozilla\Extensions
[2011/12/10 14:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert Smith\AppData\Roaming\Mozilla\Firefox\Profiles\lfraugc4.default\extensions
[2010/05/17 17:28:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Robert Smith\AppData\Roaming\Mozilla\Firefox\Profiles\lfraugc4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/17 17:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert Smith\AppData\Roaming\Mozilla\Firefox\Profiles\lfraugc4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash
[2011/12/10 14:45:09 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Robert Smith\AppData\Roaming\Mozilla\Firefox\Profiles\lfraugc4.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/12/10 14:45:08 | 000,001,945 | ---- | M] () -- C:\Users\Robert Smith\AppData\Roaming\Mozilla\Firefox\Profiles\lfraugc4.default\searchplugins\bing-zugo.xml
[2011/12/06 13:20:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/07 14:26:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/19 12:47:22 | 000,172,344 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2010/06/08 16:49:45 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/02/26 17:03:12 | 000,036,864 | ---- | M] (Homestead Technologies, Inc.) -- C:\Program Files\mozilla firefox\plugins\nphssb.dll
[2011/11/20 19:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/20 19:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url =
http://www.bing.com/search?q={searchTerms}&pc=Z127&form=ZGACDF&install_date=20111210
CHR - default_search_provider: suggest_url =
http://api.bing.com/osjson.aspx?query=%s,
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Robert Smith\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Robert Smith\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Robert Smith\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\npatgpc.dll
CHR - plugin: Homestead SiteBuilder Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugins\nphssb.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Users\Robert Smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\
CHR - Extension: goo.gl URL Shortener = C:\Users\Robert Smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.2_0\
CHR - Extension: Poppit = C:\Users\Robert Smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-897265402-1281397169-1080296097-1000..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-897265402-1281397169-1080296097-1000..\Run: [VistaStartMenu] C:\Program Files\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
O4 - Startup: C:\Users\Robert Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Belkin Network USB Hub Control Center.lnk = C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe (Belkin International, Inc.)
O4 - Startup: C:\Users\Robert Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk = C:\Users\Robert Smith\AppData\Local\Autobahn\nexdef.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &3 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &4 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &5 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\..Trusted Domains: homestead.com ([install] http in Trusted sites)
O15 - HKU\S-1-5-21-897265402-1281397169-1080296097-1000\..Trusted Ranges: Marvell ([http] in Local intranet)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623}
http://www.alternatiff.com/install-ie/alttiff.cab (AlternaTIFF ActiveX)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}
http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}
http://tools.ebayimg.com/eps/wl/activex ... 0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O16 - DPF: Web-Based Email Tools
http://email01.secureserver.net/Download.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FE5B819-7ACA-4359-850D-31FE9D7A2A76}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9543F3DF-25CC-40E6-8D0A-6B2F6337E906}: NameServer = 4.2.2.2,4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDF82118-9205-4453-AD4E-7755D8BABD4E}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/12/11 15:20:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Robert Smith\Desktop\OTL.exe
[2011/12/10 14:49:33 | 000,000,000 | ---D | C] -- C:\Users\Robert Smith\AppData\Roaming\ImgBurn
[2011/12/10 14:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2011/12/10 14:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/12/08 12:48:10 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Robert Smith\Desktop\dds.scr
[2011/12/07 13:03:52 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011/12/07 13:03:52 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011/12/07 13:03:51 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011/12/07 13:03:51 | 000,103,232 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011/12/07 13:03:46 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011/12/07 13:03:46 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011/12/07 13:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/12/07 13:03:23 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011/12/07 13:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/12/07 13:03:02 | 000,000,000 | ---D | C] -- C:\Users\Robert Smith\AppData\Roaming\PC Tools
[2011/12/07 13:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/12/07 13:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/12/07 12:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/05 17:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2011/12/05 17:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2011/12/05 11:29:16 | 000,000,000 | ---D | C] -- C:\Users\Robert Smith\Desktop\Set-up files
[2011/12/05 10:44:38 | 000,000,000 | ---D | C] -- C:\Users\Robert Smith\Desktop\Desktop working files
[2011/12/02 16:13:37 | 072,348,368 | ---- | C] (Microsoft Corporation) -- C:\Users\Robert Smith\Desktop\msert.exe
[2011/12/02 16:08:08 | 000,347,920 | ---- | C] (Microsoft Corporation) -- C:\Users\Robert Smith\Desktop\MicrosoftFixit.WinSecurity.Run.exe
[2011/11/28 14:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
========== Files - Modified Within 30 Days ========== [2011/12/11 15:25:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/12/11 15:20:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert Smith\Desktop\OTL.exe
[2011/12/11 15:18:45 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E29A13F3-F360-4D60-9B06-8B2BF0D7E333}.job
[2011/12/11 15:11:51 | 001,008,120 | ---- | M] () -- C:\Users\Robert Smith\Desktop\rkill.exe
[2011/12/11 15:08:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-897265402-1281397169-1080296097-1000UA.job
[2011/12/11 14:38:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/11 13:57:47 | 000,023,624 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/12/11 13:56:20 | 000,673,870 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/11 13:56:20 | 000,128,302 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/11 13:51:56 | 000,000,162 | ---- | M] () -- C:\Windows\System32\61xx.xml
[2011/12/11 13:51:45 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/11 13:51:45 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RegistryPC Startup.job
[2011/12/11 13:51:41 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/11 13:51:41 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/11 13:51:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/10 14:40:23 | 000,046,637 | ---- | M] () -- C:\Users\Robert Smith\Desktop\memtest86-3.4a.iso.zip
[2011/12/09 10:50:07 | 000,497,947 | ---- | M] () -- C:\Users\Robert Smith\Desktop\Todville Lots @Brummerhop&1st..pdf
[2011/12/08 12:48:19 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Robert Smith\Desktop\dds.scr
[2011/12/08 12:00:00 | 000,000,452 | ---- | M] () -- C:\Windows\tasks\RegistryPC Scan.job
[2011/12/08 02:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-897265402-1281397169-1080296097-1000Core.job
[2011/12/08 02:07:23 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\SOS Online Backup -
rsmith@houstonsuburbanrealestate.com.job[2011/12/07 21:23:20 | 000,002,637 | ---- | M] () -- C:\Users\Robert Smith\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2011/12/07 20:29:11 | 000,005,543 | ---- | M] () -- C:\Users\Robert Smith\Desktop\Spyware results.htm
[2011/12/07 13:05:04 | 002,415,884 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/12/07 13:03:40 | 000,001,786 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/07 12:58:22 | 000,512,992 | ---- | M] () -- C:\Users\Robert Smith\Desktop\Spybot-Spyware-Doctor-Install-rw.exe
[2011/12/07 12:53:51 | 000,014,336 | ---- | M] () -- C:\Users\Robert Smith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/07 12:49:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/12/06 15:22:14 | 000,002,032 | ---- | M] () -- C:\Users\Robert Smith\AppData\Local\d3d9caps.dat
[2011/12/05 16:59:31 | 002,434,560 | ---- | M] () -- C:\Users\Robert Smith\Desktop\UltraMon_3.1.0_en_x32.msi
[2011/12/05 16:01:27 | 020,423,608 | ---- | M] () -- C:\Users\Robert Smith\Desktop\emailscan.pdf
[2011/12/05 12:51:37 | 000,002,655 | ---- | M] () -- C:\Users\Public\Desktop\OneClick Optimization.lnk
[2011/12/05 10:42:34 | 000,000,936 | ---- | M] () -- C:\Users\Robert Smith\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/12/04 04:29:00 | 000,000,454 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011/12/03 16:45:32 | 000,002,621 | ---- | M] () -- C:\Users\Public\Desktop\SystemTechVista.lnk
[2011/12/03 15:47:31 | 000,000,272 | ---- | M] () -- C:\Windows\System32\.crusader
[2011/12/02 16:14:54 | 072,348,368 | ---- | M] (Microsoft Corporation) -- C:\Users\Robert Smith\Desktop\msert.exe
[2011/12/02 16:08:09 | 000,347,920 | ---- | M] (Microsoft Corporation) -- C:\Users\Robert Smith\Desktop\MicrosoftFixit.WinSecurity.Run.exe
[2011/12/02 15:50:41 | 168,236,370 | ---- | M] () -- C:\Users\Robert Smith\Desktop\SEP11.0.7_WIN32BIT_UNMANAGED.exe
[2011/12/02 13:38:36 | 247,094,889 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/28 16:44:38 | 000,001,324 | ---- | M] () -- C:\Windows\System32\log.xml
[2011/11/28 14:43:00 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/22 05:35:35 | 000,002,595 | ---- | M] () -- C:\Users\Robert Smith\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel 2010 (2).lnk
[2011/11/14 10:05:53 | 000,205,257 | ---- | M] () -- C:\Users\Robert Smith\Documents\Chabuca floorplan.PDF
[2011/11/12 15:30:27 | 000,135,070 | ---- | M] () -- C:\Users\Robert Smith\Desktop\5301 Delaney.pdf
========== Files Created - No Company Name ========== [2011/12/11 15:11:49 | 001,008,120 | ---- | C] () -- C:\Users\Robert Smith\Desktop\rkill.exe
[2011/12/10 14:40:38 | 001,837,056 | ---- | C] () -- C:\Users\Robert Smith\Desktop\memtest.iso
[2011/12/10 12:01:52 | 000,046,637 | ---- | C] () -- C:\Users\Robert Smith\Desktop\memtest86-3.4a.iso.zip
[2011/12/09 10:50:55 | 000,497,947 | ---- | C] () -- C:\Users\Robert Smith\Desktop\Todville Lots @Brummerhop&1st..pdf
[2011/12/09 10:49:47 | 000,977,577 | ---- | C] () -- C:\Users\Robert Smith\Desktop\Lts 1-5 Harbortown Plat.11.10.11.JPG
[2011/12/07 20:29:10 | 000,005,543 | ---- | C] () -- C:\Users\Robert Smith\Desktop\Spyware results.htm
[2011/12/07 13:04:32 | 002,415,884 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/12/07 13:03:40 | 000,001,786 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/07 12:58:01 | 000,512,992 | ---- | C] () -- C:\Users\Robert Smith\Desktop\Spybot-Spyware-Doctor-Install-rw.exe
[2011/12/07 12:49:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/12/05 16:59:30 | 002,434,560 | ---- | C] () -- C:\Users\Robert Smith\Desktop\UltraMon_3.1.0_en_x32.msi
[2011/12/05 16:02:22 | 020,423,608 | ---- | C] () -- C:\Users\Robert Smith\Desktop\emailscan.pdf
[2011/12/02 15:49:23 | 168,236,370 | ---- | C] () -- C:\Users\Robert Smith\Desktop\SEP11.0.7_WIN32BIT_UNMANAGED.exe
[2011/12/02 13:38:36 | 247,094,889 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/11/28 16:44:34 | 000,001,324 | ---- | C] () -- C:\Windows\System32\log.xml
[2011/11/28 14:43:00 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/11/14 10:05:53 | 000,205,257 | ---- | C] () -- C:\Users\Robert Smith\Documents\Chabuca floorplan.PDF
[2011/11/12 15:31:11 | 000,135,070 | ---- | C] () -- C:\Users\Robert Smith\Desktop\5301 Delaney.pdf
[2011/03/25 12:09:34 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/03/25 12:09:34 | 000,000,034 | ---- | C] () -- C:\Windows\System32\bd9840cd.dat
[2011/03/25 12:09:34 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/03/25 12:04:20 | 000,000,229 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/03/25 12:04:20 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/03/25 12:04:20 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bd9840cn.dat
[2011/03/25 11:59:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011/03/25 11:59:38 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2011/03/25 11:59:38 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BAOCH06A.DAT
[2011/03/25 11:59:37 | 000,000,009 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2011/03/25 11:59:32 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011/02/22 22:52:09 | 000,002,137 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/11/16 22:01:31 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/05/27 10:24:24 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010/05/12 15:11:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/04/06 11:54:32 | 000,203,336 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/02/10 12:40:38 | 000,000,025 | ---- | C] () -- C:\Users\Robert Smith\AppData\Roaming\bdfvconp.ini
[2010/01/29 14:41:03 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/29 14:41:03 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/29 14:40:13 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/01/28 13:19:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2009/12/03 14:24:39 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2009/12/01 14:46:47 | 000,098,136 | ---- | C] () -- C:\Windows\gzip.exe
[2009/09/25 09:53:33 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2009/09/25 09:53:33 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2009/09/15 11:23:36 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/09/01 14:50:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2009/09/01 14:50:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2009/09/01 14:50:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2009/09/01 14:50:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2009/09/01 14:50:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2009/09/01 14:50:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2009/09/01 12:31:51 | 000,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2009/08/31 13:44:15 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/08/29 11:33:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/11 13:25:37 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2009/05/22 15:13:42 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/27 12:11:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\ktdll.dll
[2009/02/18 11:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 14:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009/01/05 14:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe
[2009/01/05 14:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/07/07 12:07:33 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2008/05/13 19:53:31 | 000,014,336 | ---- | C] () -- C:\Users\Robert Smith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/01 13:24:54 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008/03/18 15:50:38 | 000,000,041 | ---- | C] () -- C:\Windows\System32\SndDrv32b.ini
[2008/03/18 14:20:16 | 000,000,367 | ---- | C] () -- C:\Windows\System32\CNCMFP12.INI
[2008/03/05 23:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/02/26 13:19:52 | 000,000,000 | ---- | C] () -- C:\Windows\asym.ini
[2007/11/17 15:52:10 | 000,000,024 | ---- | C] () -- C:\Windows\VSWizard.ini
[2007/11/14 09:24:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2007/11/13 19:58:25 | 000,000,009 | ---- | C] () -- C:\Windows\mvraidver.dat
[2007/11/13 19:49:50 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2007/11/13 19:26:04 | 000,001,285 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2007/11/13 19:25:58 | 000,005,824 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007/11/13 19:23:44 | 000,002,032 | ---- | C] () -- C:\Users\Robert Smith\AppData\Local\d3d9caps.dat
[2007/06/06 20:24:42 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/05/22 18:17:30 | 000,047,395 | ---- | C] () -- C:\Windows\php.ini
[2007/04/25 19:21:36 | 000,000,236 | ---- | C] () -- C:\Windows\zraidtray.ini
[2006/11/02 06:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:46:27 | 000,444,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:33:01 | 000,673,870 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 04:33:01 | 000,128,302 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ========== [2009/06/24 14:01:07 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\Autodesk
[2009/09/01 12:17:19 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\BitDefender
[2009/09/14 15:25:31 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\Blitware
[2009/09/14 15:47:08 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/08/27 09:24:13 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\DesktopAlert, Inc
[2011/12/10 14:50:18 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\ImgBurn
[2009/01/12 12:44:24 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\Leadertech
[2011/12/07 14:25:15 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\NewTech Infosystems
[2010/07/16 11:23:55 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\QuickScan
[2009/09/12 16:17:26 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\RegistryPC
[2010/11/16 22:25:57 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\Uniblue
[2011/12/10 13:07:14 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\Vista Start Menu
[2011/07/06 11:48:27 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\WinPatrol
[2010/06/08 10:17:08 | 000,000,000 | ---D | M] -- C:\Users\Robert Smith\AppData\Roaming\Xtend2.71305F52FFD36D9BDDE00284EF6181AE6688276A.1
[2011/12/04 04:29:00 | 000,000,454 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011/12/08 12:00:00 | 000,000,452 | ---- | M] () -- C:\Windows\Tasks\RegistryPC Scan.job
[2011/12/11 13:51:45 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\RegistryPC Startup.job
[2011/12/08 12:13:41 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/12/08 02:07:23 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\SOS Online Backup -
rsmith@houstonsuburbanrealestate.com.job[2011/12/11 15:18:45 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E29A13F3-F360-4D60-9B06-8B2BF0D7E333}.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 164 bytes -> C:\Users\Robert Smith\Desktop\Willits Subdv.TIF:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 164 bytes -> C:\Users\Robert Smith\Desktop\Lts 1-5 Harbortown Plat.11.10.11.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 164 bytes -> C:\Users\Robert Smith\3311 Oaklawn Place.auth.TIF:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Extras:
OTL Extras logfile created on: 12/11/2011 3:24:41 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Robert Smith\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 42.45% Memory free
4.24 Gb Paging File | 2.48 Gb Available in Paging File | 58.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 185.33 Gb Free Space | 62.17% Space Free | Partition Type: NTFS
Computer Name: ROBERTSMITH-PC | User Name: Robert Smith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-897265402-1281397169-1080296097-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisabledInterfaces" = {9543F3DF-25CC-40E6-8D0A-6B2F6337E906},{CDF82118-9205-4453-AD4E-7755D8BABD4E},{4FE5B819-7ACA-4359-850D-31FE9D7A2A76}
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DD8D368-4452-40E7-8FF0-DB156F7D05F2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{164207BD-9C4D-4A4B-95DA-2A33C2B12CB6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{26B20A9B-1154-4097-A972-C5AFF4CC84A5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{30DE83F4-3624-440A-A02F-A7739C0AF460}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3468337B-6669-4ADC-8476-0DD1B97CFB1C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4F4C7BAB-9DC9-4D30-A5D3-7C9C0D98BE50}" = rport=10243 | protocol=6 | dir=out | app=system |
"{521A9DDB-7A4B-41B6-986B-F7EE4EC767A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A211321-CDC8-46C4-84FC-A32589C7A9CC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{87FBEB53-D87E-4628-9019-F22E94D5CB8F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C819ABA-EC27-41A8-8A5E-910E50CE21F4}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{9D0A6C49-88CD-4984-99B6-1C3C7E2B06B1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A2762297-9742-415A-98D8-5FDAECF8CF7F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A93FA13E-F591-487E-98D4-D8798A900D73}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CE766725-06E9-489A-962D-7DC57C1F8D32}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{CFFED337-182E-4947-A1AC-6F0861D98DFB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF756BEC-3A5A-4F6E-9CE1-719EC370E019}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06B033C4-5E75-441F-8BA7-06B542F80CEF}" = protocol=17 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"{1D3828FD-D8C4-4744-886D-29C36F94B773}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2953BB4C-B018-4CC0-8C9E-5FB06730D905}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{2DBBEF91-4995-48BC-A3CF-F4CCFBD6D4D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31D2513A-0ACE-4C7F-B720-1686F881CB68}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40D6376B-162F-45E6-8984-63938E2E6ED9}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{415276C7-D7D2-40B6-83EE-08A146B83CE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{45EF2280-D928-46CE-85E2-4BA982ECEA32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F43D295-4952-424A-A79A-45A195AEDFF5}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5F9779BF-8858-4FE7-A0DA-7F2778129832}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6290CF02-C5A9-4134-8C98-266644B2B652}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{6FF9A7F0-F4C1-42A3-930A-0C19F7CE91D2}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{7ECD9C87-AA95-4018-A3E8-0CBAB08542C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80EE0E51-A857-449D-B8EE-3D00CF3A77B4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{833E702D-7041-4182-9A79-AFC1F9B88FD2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84A098ED-1B3F-4E65-94A3-4A681B6D1062}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90D25AD5-CC81-44BC-AE7B-B3C1D4D482B6}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A234AAA9-A101-4DB5-81FC-E51F44AC184D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7300AF5-DF93-4CF6-BE3F-E2E01DCA9571}" = protocol=6 | dir=out | app=system |
"{BEFF9D32-1778-4E8F-945F-F9315FD8AE53}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{C0027A26-D9D4-4436-A20A-EDD22F82134B}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{C1F50E24-26D2-453B-A133-F76D46C5B5A3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{C30C69B0-36C9-4855-9C2D-4B5A63DF13D3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C3FC05D2-D2B8-4EE1-B903-51FACE0D3862}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{D085F719-4F5D-4C03-8695-82FEB01F61AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D328FC1F-01C6-4304-BF9C-01D8E4F1672C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E232C52E-66BB-4501-8C41-D9530315D087}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{EB9B8486-4B25-46F3-AE9C-07DB6427D863}" = protocol=6 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"TCP Query User{5E277A0F-23E7-4E0E-96C6-815DFACED173}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{7143E40A-1789-44F3-B87D-2764A0D37457}C:\program files\marvell\61xx\apache2\bin\apache.exe" = protocol=6 | dir=in | app=c:\program files\marvell\61xx\apache2\bin\apache.exe |
"TCP Query User{8B9B4BBB-AFCA-4223-9EFB-F43106B319BB}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B6DDB299-94ED-46FD-8A96-1C7158357065}C:\program files\belkin\network usb hub control center\connect.exe" = protocol=6 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"UDP Query User{032062FE-08CD-4036-B358-7F580B7F41C7}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{10CD6AC4-7A46-421B-B7D0-D6E36952FD9B}C:\program files\marvell\61xx\apache2\bin\apache.exe" = protocol=17 | dir=in | app=c:\program files\marvell\61xx\apache2\bin\apache.exe |
"UDP Query User{40113301-204D-4441-B8E3-94F794C0F7DD}C:\program files\belkin\network usb hub control center\connect.exe" = protocol=17 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"UDP Query User{8EBCF6FD-870D-4135-95EE-A9F5F81976A3}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA1005F-B640-0354-EC82-F8F7447A8E8A}" = CCC Help Hungarian
"{0FC472C3-6A2A-969F-10E7-E8F61B18117C}" = Catalyst Control Center Localization All
"{12076C90-4A78-7241-F633-4D2B019D5611}" = CCC Help Thai
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{17E11EC2-3736-10A1-330C-CC7EB6CAC6B3}" = CCC Help Turkish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{31405CA2-F009-D91B-FEFF-35924343CB14}" = Catalyst Control Center InstallProxy
"{31B75145-DF24-C759-E735-9C129956961E}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5783F2D7-8028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2010
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F5C54C-ED39-58B4-42DA-3F20AB440E49}" = CCC Help Czech
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{641C1B16-FD4C-0F97-47AE-76637FC64225}" = CCC Help English
"{64B157C9-C291-2535-8177-237BC2D37EBF}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79C2D7F9-3BF8-52C1-6A7A-84C9296171F8}" = CCC Help German
"{7B29E627-71A5-6824-3F85-DBEF19624BD0}" = ccc-core-static
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84B70C16-7032-41EE-965C-3C8D9D566CBB}" = Symantec Endpoint Protection
"{85C3024B-A974-450C-4D46-C031F801F5EC}" = ccc-utility
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}" = LightScribe Applications
"{88B2BB7B-A684-E8E3-65C6-DDC5DC152C2A}" = CCC Help French
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CB77076-DB66-5D92-7886-807226C9CE4B}" = CCC Help Italian
"{8D423929-E0DE-4B27-9BE8-95FAA3F25B57}_is1" = MyTradeBook 2.1
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{916F59AC-116F-4F70-B945-35000B059D9C}" = SystemTechVista
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94F4B1D4-0BCC-E5C6-4EAE-F1A287383D5B}" = CCC Help Finnish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98838C21-AD83-77AA-3B09-F437C6F24F8F}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6F56DA-7051-6677-4E5A-9DC6C573F2B5}" = CCC Help Portuguese
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FE051B0-39BC-F5DD-C99B-0D4793184C2A}" = CCC Help Chinese Standard
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA6B96C4-7AF5-3F6A-E630-4096508A9C47}" = CCC Help Danish
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACFB6965-D714-3786-6B50-58E21223CB96}" = ATI AVIVO Codecs
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B48E87FE-A8D9-EE14-B607-3FA1ACEF218E}" = CCC Help Norwegian
"{B4FA8E67-D299-485A-407B-05A2681BAF47}" = CCC Help Japanese
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{BB05BC7D-BEF8-7A7B-C62E-F1BE381E70BB}" = CCC Help Swedish
"{C3FA3CCE-2A88-0976-B875-4B3E9D41204D}" = Catalyst Control Center Graphics Previews Common
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}" = WinZip 14.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D34F0251-1C96-09B3-EE29-2A9148413252}" = CCC Help Chinese Traditional
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A0D86-35B0-BFC8-174B-D991EDF903B8}" = Catalyst Control Center Graphics Previews Vista
"{D5610369-AF78-386F-4985-9822654973A3}" = CCC Help Polish
"{DCFBBC9D-719E-4134-A572-263526AE16DD}" = Network Recording Player
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E937F8DA-8C7F-ADFE-7EA5-7C1CAAB23C05}" = HydraVision
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECD129A4-5A21-1977-0849-6913BA6BA29C}" = CCC Help Russian
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F5BE88C4-A9A1-4ADD-980D-15EEB563C7BA}" = SOS Online Backup
"{F77D44EB-2A6E-E2EE-7C30-40A5409B2650}" = CCC Help Greek
"{FC47C7A5-BE63-11D5-B7C9-005004566E4D}" = ViewSonic Windows Vista Signed Files
"{FD1E62F4-33DC-87C5-8C4A-77D2D8D5ACB8}" = ATI Catalyst Install Manager
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Advanced Port Scanner v1.3" = Advanced Port Scanner v1.3
"ATT" = AT&T U-verse Setup
"Autobahn" = NexDef Plug-in
"Belkin Network USB Hub Control Center" = Belkin Network USB Hub Control Center
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DWG TrueView 2010" = DWG TrueView 2010
"Google Updater" = Google Updater
"HitmanPro35" = Hitman Pro 3.5
"Intuit SiteBuilder" = Intuit SiteBuilder
"jZip" = jZip
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 9.0 (x86 en-US)" = Mozilla Firefox 9.0 (x86 en-US)
"mv61xxDriver" = marvell 61xx
"mv61xxMRU" = Marvell MRU
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Spyware Doctor" = Spyware Doctor with AntiVirus 8.0
"thinkorswim" = thinkorswim
"Vista Start Menu" = Vista Start Menu
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-897265402-1281397169-1080296097-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{E9EB5689-4F76-4E3C-A675-5ED5F52AB890}" = NTI Shadow 3
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 7/1/2011 9:02:51 PM | Computer Name = RobertSmith-PC | Source = Perflib | ID = 1010
Description =
Error - 7/1/2011 9:02:52 PM | Computer Name = RobertSmith-PC | Source = Perflib | ID = 1008
Description =
Error - 7/1/2011 10:01:46 PM | Computer Name = RobertSmith-PC | Source = Outlook | ID = 34
Description = Failed to get the Crawl Scope Manager with error=0x80070002.
Error - 7/1/2011 10:01:48 PM | Computer Name = RobertSmith-PC | Source = Outlook | ID = 34
Description = Failed to get the Crawl Scope Manager with error=0x80070002.
Error - 7/1/2011 10:01:48 PM | Computer Name = RobertSmith-PC | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x80070002).
Error - 7/2/2011 12:23:19 AM | Computer Name = RobertSmith-PC | Source = Outlook | ID = 34
Description = Failed to get the Crawl Scope Manager with error=0x80070002.
Error - 7/2/2011 12:23:19 AM | Computer Name = RobertSmith-PC | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x80070002).
Error - 7/2/2011 4:25:44 PM | Computer Name = RobertSmith-PC | Source = Windows Search Service | ID = 3038
Description =
Error - 7/2/2011 4:25:57 PM | Computer Name = RobertSmith-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 7/2/2011 4:25:57 PM | Computer Name = RobertSmith-PC | Source = Windows Search Service | ID = 3058
Description =
[ Media Center Events ]
Error - 4/1/2009 7:23:16 AM | Computer Name = RobertSmith-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/12/2009 4:01:15 AM | Computer Name = RobertSmith-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/9/2009 11:08:55 AM | Computer Name = RobertSmith-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 12/11/2011 1:44:27 AM | Computer Name = RobertSmith-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 12/11/2011 1:44:30 AM | Computer Name = RobertSmith-PC | Source = DCOM | ID = 10005
Description =
Error - 12/11/2011 1:44:52 AM | Computer Name = RobertSmith-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 12/11/2011 1:44:56 AM | Computer Name = RobertSmith-PC | Source = DCOM | ID = 10005
Description =
Error - 12/11/2011 2:13:28 AM | Computer Name = RobertSmith-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 4002
Description =
Error - 12/11/2011 2:20:14 AM | Computer Name = RobertSmith-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 12/11/2011 3:33:57 PM | Computer Name = RobertSmith-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:30:39 PM on 12/11/2011 was unexpected.
Error - 12/11/2011 3:33:58 PM | Computer Name = RobertSmith-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 4002
Description =
Error - 12/11/2011 3:52:37 PM | Computer Name = RobertSmith-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/11/2011 3:56:25 PM | Computer Name = RobertSmith-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >
Thank U!