OTL Extras logfile created on: 2/21/2012 2:02:43 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 46.39% Memory free
2.14 Gb Paging File | 0.98 Gb Available in Paging File | 45.81% Paging File free
Paging file location(s): c:\pagefile.sys 212 9999 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 80.42 Gb Free Space | 58.81% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.56 Gb Free Space | 56.96% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0528ECFE-4F68-434A-9987-539002A90E55}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{085E0A89-A86E-43DC-9253-2885DDE0BF93}" = rport=445 | protocol=6 | dir=out | app=system |
"{0B338A97-4CBC-41DD-AF52-3E803455F144}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0BAEE5E8-11AE-488A-940E-DE7E90480595}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CE56D7C-1311-4E8E-A73E-63DD78C6EC28}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{114B45BD-5839-4E43-BA59-67AF7F2A8671}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1236DCDC-EB01-470B-92EF-943071990247}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13A3F17D-253C-4677-8162-72082BA67984}" = lport=137 | protocol=17 | dir=in | app=system |
"{1E38F1DF-33A6-418E-87A3-1259E505F111}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2A519073-9BDE-4D52-AE5C-1AC2641573AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{31CE2BDE-350D-42A5-9A5D-72F5046C989A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{371DB07D-819C-4FED-9D01-2330ED9F0EB0}" = rport=139 | protocol=6 | dir=out | app=system |
"{4D185AFF-6A66-4D85-9748-1F700BB7FC50}" = lport=2869 | protocol=6 | dir=in | app=system |
"{510D9262-B6EA-41DF-B082-644ACF924969}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A599AFD-D316-49FA-B0FB-1159792CC3FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D83DCED-B766-4011-B2D2-960488E9D54C}" = rport=137 | protocol=17 | dir=out | app=system |
"{759352AE-83B6-4733-BEBB-57905F64D211}" = lport=445 | protocol=6 | dir=in | app=system |
"{7788AD95-2AAB-47BF-A82E-A618D74E5272}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{7A2A2382-3F53-4C31-9C91-29E295185C20}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7AEBE312-2554-401D-944D-BD1604A8AD3A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{8FF703D0-5371-4F6C-89C7-5A515AB72233}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AAA213F5-DED2-41C1-B51C-FC747D70CEBA}" = lport=138 | protocol=17 | dir=in | app=system |
"{BA70C1BD-8CC4-40D1-8564-4894C7B142C3}" = rport=138 | protocol=17 | dir=out | app=system |
"{BD57DC02-0BBA-4D7F-B5D5-AE55B9AE21A9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{BEBD9BDD-7794-4BCD-BBF4-A26DDAFB3F9B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D835A2C7-60A3-4DD6-B5DE-2C8A8F4D9CD2}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{EC2C57F1-979A-49B9-9399-59C4A0F26884}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE57B052-4BA0-4925-B016-659B2094EFC2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{F3035E7D-9A33-4DAC-AEB2-E6D129AA8F95}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0999C035-C44D-42E7-B3DD-92AC56440155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{0B327941-49AF-47B0-A871-07AAEB95A775}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0EC27849-3158-416B-83BC-3AF6A640C926}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{0FCB71D5-3516-48B0-95C4-4AE8E25A7567}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{213C540A-7673-4005-A98B-5EE9953E8EB2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{23A98790-91E8-4205-9BC3-0D412F7CE9B3}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{29C26C73-C026-4B39-B23B-114321BDD3BE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3759DF66-877D-4A9F-908F-F056E7CB3AC8}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3A98B349-A33F-43BE-81E5-B937C65962DE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{4274F116-A103-43BB-A2F6-8CA9B87BDC09}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{463D3B7D-CA8F-4E80-9DDE-A1BBFA4499C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4644445D-6569-4DBC-8349-5C8B2D92295E}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{475876F4-175A-4CCB-9EA7-03321297AC0E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{4C91C9FE-7C5E-45FE-B9C5-EF78CC04626E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4F0255D4-7893-477B-9029-5303E9AB560E}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{51A70105-9D14-4002-8C68-02012CE6E434}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{59BD9FDD-E6F7-4E87-A7B4-194B9CB63CE7}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5D359D7A-31C6-4C14-8B40-18D01D272FDE}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{6177F7B3-6A1D-4FC7-9149-1A2EDD2A6423}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{698C32E6-8090-433C-86EF-AD04B8FF8DEB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{6F8AAC2B-9D43-44C1-BD18-03B007982CA8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{76AEF91B-9422-4E79-8A26-64278A0C431C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7DC9B238-138E-4E03-8D26-DC696456EA7B}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"{822524B1-4713-4503-ACB5-113CC58CEDFF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{84DDC3A5-579C-450B-A51E-A5CBD956F5CF}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"{89B0146C-BB4E-4DA6-A6A4-07219B9322A4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{8C87E769-4C31-4205-8850-21789F8836FF}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{8ECBB453-9065-43AA-83EC-6B8B3C1C4990}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{970632A2-1BA0-4E61-99AC-75AD3F525B4C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{A5885950-E906-49FF-9E2B-B5B46D6CE392}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B6C7815C-1BE7-4E83-8F34-0EC2F19E9680}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{BA5BEA23-310D-40EB-911D-A2AD5DE0772F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C0D74FDB-3F16-421A-83CC-6A8A7ED87A22}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C824A81E-24CF-45B4-AB15-BD613FBAC21C}" = dir=in | app=e:\setup\hpznui01.exe |
"{D7150EC0-2574-4A78-8BC1-EF4BA78259E8}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{DC72EF18-96C0-41A6-8A0D-E785965A7A06}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{EFF0BBD7-AA59-4C1C-84DD-E892686C5070}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F51FEE94-9E87-4F1E-92D8-FE392508346C}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{F95FA74F-4ECD-40A3-9A7C-8A769E7686EA}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{FEA5AF8B-C4E4-488B-96D6-5E2BD983A306}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{29F8C25D-33FE-4933-8DBA-FEAF38987F2F}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{4E2F746C-460C-44C3-9987-C900C8348B00}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{DAB935B0-354E-4C34-91E0-1E71FA2BC9D3}C:\program files\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"TCP Query User{F2B961B3-1AE8-4CF0-AA85-E5CC0C9D2F59}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{24CF173A-F8EE-48B0-AA5A-2F0AFAF49D75}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{5BD2D580-718F-4CAA-B405-FE57EFA4AC0E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5FD00779-0511-4DE0-9963-ACE3FA9482BC}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{C41D4417-5C39-476B-A31F-3B4587FBDEBF}C:\program files\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{02548730-180A-487e-A726-A75CB6650AF7}" = D1400
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03E66394-42F0-4745-85F7-0A2F8F35C09F}" = HP Deskjet Printer Driver Software 9.0
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0FFC1BEE-CD91-4B6D-A5A0-89CD7B2691E7}_is1" = The Interactive e-Book of The Beneficiary Book Version 2.0
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15C70064-2463-49dd-9A88-B700F75BB428}" = dj_sf_ProductContext
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32622F02-640A-4335-86FF-557325DC39D4}" = PS_AIO_04_C6300_Software_Min
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75C22B40-6D12-4439-80DC-CAB3313EADA5}" = dj_sf_software_req
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BD42C12-74D1-4804-B24D-D21E25D4E3CF}" = PS_AIO_04_C6300_ProductContext
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84031A18-BA9A-4156-A74F-E05B52DDFCE2}" = DING!
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{99832252-D489-4276-B961-6D505CF0AFAA}" = PS_AIO_04_C6300_Software
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9DA735C0-3C3E-4CB3-BC26-BE95E768115F}" = Garmin City Navigator North America NT 2009 Update
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9EDC4EA1-558A-4297-9BCB-F36E572E6B1D}" = C6300_Help
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B639110D-747F-40DC-9682-95D94EF73790}" = dj_sf_software
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C7E154EF-D5EC-4da4-9D00-43B85967B120}" = dj_sf_ProductContext
"{C8732DC3-1736-44b2-B741-2D636DE58605}" = HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4250558-4DE6-4342-8865-D397FD66076B}" = C6300
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EBD9A954-6C1A-4E9F-A098-C98653035381}" = PrintMaster Platinum 18
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFE673F6-688A-42ed-9C6C-9DD8CF5A9B89}" = D1400_Help
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.1
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Support Center" = Dell Support Center
"GoToAssist" = GoToAssist 8.0.0.514
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"Logitech Vid" = Logitech Vid HD
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Photo Viewer" = Photo Viewer 2.3
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"Shop for HP Supplies" = Shop for HP Supplies
"The Print Shop Premier Edition 5.0" = The Print Shop Premier Edition 5.0
"WebPost" = Microsoft Web Publishing Wizard 1.52
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1310896333-4111929781-2163261088-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/20/2012 10:52:40 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: df4 Start Time: 01ccefdd97dd76d8 Termination Time: 546
Error - 2/20/2012 11:00:28 AM | Computer Name = Owner-PC | Source = Perflib | ID = 1010
Description =
Error - 2/20/2012 11:00:35 AM | Computer Name = Owner-PC | Source = Perflib | ID = 1008
Description =
Error - 2/20/2012 7:32:44 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.33.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 530 Start Time: 01ccf026d4d6c450 Termination Time: 15
Error - 2/20/2012 7:40:50 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.33.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: dbc Start Time: 01ccf027f8d1fd60 Termination Time: 15
Error - 2/20/2012 7:48:52 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program uycv1rqf.exe version 1.0.15.15641 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 16a0 Start Time: 01ccf029a051bb10 Termination Time: 203
Error - 2/20/2012 7:54:06 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.33.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1690 Start Time: 01ccf02a3d1a6370 Termination Time: 47
Error - 2/20/2012 9:48:32 PM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 16ac Start Time: 01ccf03ac0a9f920 Termination Time: 31
Error - 2/21/2012 11:00:41 AM | Computer Name = Owner-PC | Source = Perflib | ID = 1010
Description =
Error - 2/21/2012 11:00:50 AM | Computer Name = Owner-PC | Source = Perflib | ID = 1008
Description =
[ Media Center Events ]
Error - 2/18/2009 10:40:42 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 2/21/2012 8:51:34 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/21/2012 8:51:34 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/21/2012 8:52:40 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 2/21/2012 8:52:46 AM | Computer Name = Owner-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.
Error - 2/21/2012 2:56:08 PM | Computer Name = Owner-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 2/21/2012 2:56:18 PM | Computer Name = Owner-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 2/21/2012 2:56:26 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:53:55 PM on 2/21/2012 was unexpected.
Error - 2/21/2012 2:58:03 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/21/2012 2:58:03 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/21/2012 3:00:05 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >
OTL logfile created on: 2/21/2012 2:02:43 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 46.39% Memory free
2.14 Gb Paging File | 0.98 Gb Available in Paging File | 45.81% Paging File free
Paging file location(s): c:\pagefile.sys 212 9999 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 80.42 Gb Free Space | 58.81% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.56 Gb Free Space | 56.96% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/20 18:32:55 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/01/18 13:54:06 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/11/11 18:18:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2011/08/12 11:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/24 09:45:02 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/02/16 13:27:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 13:21:39 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011/10/17 07:32:53 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2008/05/19 01:25:24 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/10/24 09:45:02 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2008/08/11 21:09:26 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/09 05:45:36 | 003,192,184 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/01/09 05:45:28 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV - [2012/02/21 13:59:37 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6ABC9870-A8AB-4CA5-898D-EB6C1F983A7F}\MpKsl232cd606.sys -- (MpKsl232cd606)
DRV - [2012/02/21 13:52:50 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6ABC9870-A8AB-4CA5-898D-EB6C1F983A7F}\MpKsl2482b022.sys -- (MpKsl2482b022)
DRV - [2012/02/17 10:03:34 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011/08/19 04:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C310(UVC)
DRV - [2011/08/19 04:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (kl1)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/07 13:51:20 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/04/22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2008/11/11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/05/04 04:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/12 10:21:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2012/02/17 09:31:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/12 10:21:08 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/10/01 09:09:54 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\..\Toolbar\WebBrowser: (no name) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No CLSID value found.
O3 - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1310896333-4111929781-2163261088-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2151F87-B6FE-4762-8BAB-B18FAEE7F158}: DhcpNameServer = 75.75.75.75 75.75.76.76
O20 - AppInit_DLLs: (I5????) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8a845fa5-af20-11dd-86d2-00219be1dcc4}\Shell\AutoRun\command - "" = F:\wdsync.exe
O33 - MountPoints2\{8fe0ab47-a310-11e0-a6db-002268cbebf0}\Shell - "" = AutoRun
O33 - MountPoints2\{8fe0ab47-a310-11e0-a6db-002268cbebf0}\Shell\AutoRun\command - "" = G:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/21 13:51:30 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/02/20 18:15:18 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/02/19 11:59:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/02/19 11:59:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/02/18 20:04:31 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxres.dll
[2012/02/16 08:33:48 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/16 08:33:43 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/02/16 08:33:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/02/16 08:33:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/16 08:33:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/16 08:33:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/16 01:26:35 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/10 15:50:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/01/23 21:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/01/23 20:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/01/23 20:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/11/01 18:03:08 | 008,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
[2008/10/02 13:03:27 | 000,000,574 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/21 14:01:57 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/02/21 13:57:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/21 13:57:13 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/21 13:56:34 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/02/21 13:56:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/21 13:52:02 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/02/21 13:35:17 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1310896333-4111929781-2163261088-1000UA.job
[2012/02/20 18:54:46 | 000,302,592 | ---- | M] () -- C:\Users\Owner\Desktop\2twhc2hx.exe
[2012/02/20 18:32:55 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/02/20 16:35:14 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1310896333-4111929781-2163261088-1000Core.job
[2012/02/20 07:06:19 | 000,645,152 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/20 07:06:19 | 000,121,210 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/19 12:08:08 | 000,002,523 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/02/17 20:26:52 | 000,000,921 | ---- | M] () -- C:\Users\Owner\Desktop\Dropbox.lnk
[2012/02/17 20:26:52 | 000,000,901 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/02/17 10:03:34 | 000,488,024 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/02/17 10:03:29 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012/02/17 10:03:28 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012/02/16 23:37:31 | 000,002,044 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2012/02/16 23:37:31 | 000,002,006 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/16 09:52:15 | 001,020,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/15 16:13:06 | 000,000,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2012/02/12 06:59:57 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/02 09:49:37 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/02 09:49:37 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/31 07:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/23 21:02:50 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/21 14:01:57 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/02/20 18:54:45 | 000,302,592 | ---- | C] () -- C:\Users\Owner\Desktop\2twhc2hx.exe
[2012/02/19 11:59:18 | 000,002,523 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2012/02/17 20:20:28 | 000,000,901 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/02/15 16:51:09 | 001,020,816 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/15 16:13:06 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2012/02/10 15:52:19 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/10 15:52:13 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/01/23 21:02:50 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/19 04:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 04:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 04:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 11:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 01:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/03/25 14:34:36 | 000,166,564 | ---- | C] () -- C:\Windows\hpoins31.dat
[2010/11/03 09:23:54 | 000,024,206 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
========== LOP Check ==========
[2012/02/21 13:58:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox
[2009/01/19 21:06:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GARMIN
[2010/12/26 14:37:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2011/03/02 21:12:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PCDr
[2009/01/20 11:33:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Southwest Airlines
[2008/10/02 13:03:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/02/19 11:39:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WeatherBug
[2012/02/12 06:59:57 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/20 20:57:19 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/21 13:56:34 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-21 13:57:35
-----------------------------
13:57:35.104 OS Version: Windows 6.0.6002 Service Pack 2
13:57:35.104 Number of processors: 2 586 0xF0D
13:57:35.104 ComputerName: OWNER-PC UserName: Owner
13:59:29.984 Initialize success
14:00:24.506 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:00:24.522 Disk 0 Vendor: SAMSUNG_ HH10 Size: 152627MB BusType: 3
14:00:24.537 Disk 0 MBR read successfully
14:00:24.537 Disk 0 MBR scan
14:00:24.553 Disk 0 Windows VISTA default MBR code
14:00:24.553 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
14:00:24.584 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
14:00:24.600 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 140026 MB offset 20561920
14:00:24.615 Disk 0 Partition - 00 0F Extended LBA 2559 MB offset 307337216
14:00:24.678 Disk 0 Partition 4 00 DD MSDOS5.0 2558 MB offset 307339264
14:00:24.693 Disk 0 scanning sectors +312578048
14:00:24.787 Disk 0 scanning C:\Windows\system32\drivers
14:00:46.674 Service scanning
14:01:07.331 Service kl1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
14:01:07.503 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
14:01:07.627 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
14:01:07.659 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
14:01:08.907 Service MpKsl232cd606 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6ABC9870-A8AB-4CA5-898D-EB6C1F983A7F}\MpKsl232cd606.sys **LOCKED** 32
14:01:09.016 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
14:01:18.579 Modules scanning
14:01:47.408 Disk 0 trace - called modules:
14:01:47.455 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
14:01:47.471 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8d3c1030]
14:01:47.486 3 CLASSPNP.SYS[8e9618b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8afd4028]
14:01:47.502 Scan finished successfully
14:01:57.829 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
14:01:57.860 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"
OK... here it is... thanks... everything scanned this time.