Here are the requested Notepad Files
Thanks Again,
Dennis
08/31/09 17:01:45 [Info]: BlackLight Engine 2.2.1092 initialized
08/31/09 17:01:45 [Info]: OS: 6.0 build 6001 (Service Pack 1)
08/31/09 17:01:45 [Note]: 7019 4
08/31/09 17:01:45 [Note]: 7005 0
08/31/09 17:01:45 [Error]: 6021 32
08/31/09 17:01:49 [Note]: 7006 0
08/31/09 17:01:49 [Note]: 7022 0
08/31/09 17:01:49 [Note]: 7027 0
08/31/09 17:01:49 [Note]: 7035 0
08/31/09 17:01:49 [Note]: 7026 0
08/31/09 17:01:49 [Note]: 7026 0
08/31/09 17:01:50 [Note]: FSRAW library version 1.7.1024
08/31/09 17:02:28 [Note]: 7007 0
OTL logfile created on: 8/31/2009 6:05:32 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\DENNIS.Dennis-PC\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 97.97% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.77 Gb Total Space | 168.83 Gb Free Space | 75.79% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.17 Gb Free Space | 61.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DENNIS-PC
Current User Name: DENNIS
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (Logitech Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
PRC - C:\Windows\System32\STacSV.exe (SigmaTel, Inc.)
PRC - C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
PRC - C:\Program Files\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE (Logitech Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Users\DENNIS.Dennis-PC\Desktop\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (AdobeActiveFileMonitor4.0 [Auto | Running]) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe ()
SRV - (AlertService [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (ccEvtMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (comHost [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (CVPND [Auto | Running]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (DQLWinService [Auto | Running]) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (ISSM [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (LBTServ [Auto | Running]) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE (Logitech Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (LiveUpdate Notice [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (M1 Server [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (MCLServiceATL [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Remote UI Service [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [Auto | Running]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (SBSDWSCService [Auto | Running]) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (STacSV [Auto | Running]) -- C:\Windows\System32\STacSV.exe (SigmaTel, Inc.)
SRV - (stllssvr [On_Demand | Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (Symantec Core LC [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (XAudioService [Auto | Running]) -- C:\Windows\System32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
========== Driver Services (SafeList) ========== DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (COH_Mon [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\COH_Mon.sys (Symantec Corporation)
DRV - (CO_Mon [Auto | Running]) -- C:\Windows\System32\drivers\CO_Mon.sys (Symantec Corporation)
DRV - (CVirtA [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\CVirtA.sys (Cisco Systems, Inc.)
DRV - (CVPNDRVA [Auto | Running]) -- C:\Windows\System32\Drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DLABMFSM [Auto | Running]) -- C:\Windows\System32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLABOIOM [Auto | Running]) -- C:\Windows\System32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLACDBHM [System | Running]) -- C:\Windows\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DLADResM [Auto | Running]) -- C:\Windows\System32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAIFS_M [Auto | Running]) -- C:\Windows\System32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAOPIOM [Auto | Running]) -- C:\Windows\System32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLAPoolM [Auto | Running]) -- C:\Windows\System32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLARTL_M [System | Running]) -- C:\Windows\System32\Drivers\DLARTL_M.SYS (Roxio)
DRV - (DLAUDFAM [Auto | Running]) -- C:\Windows\System32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAUDF_M [Auto | Running]) -- C:\Windows\System32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DNE [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (DRVMCDB [Boot | Running]) -- C:\Windows\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\Windows\System32\Drivers\DRVNDDM.SYS (Roxio)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\Windows\System32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (e1express [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\e1e6032.sys (Intel Corporation)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWBS2 [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (IDSvix86 [System | Running]) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090811.004\IDSvix86.sys (Symantec Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntelDH [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\IntelDH.sys (Intel Corporation)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (MBAMSwissArmy [On_Demand | Stopped]) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090830.018\naveng.sys (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090830.018\navex15.sys (Symantec Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (nmsgopro [Auto | Running]) -- C:\Windows\System32\DRIVERS\nmsgopro.sys (Gteko Ltd.)
DRV - (nmsunidr [Auto | Running]) -- C:\Windows\System32\DRIVERS\nmsunidr.sys (Gteko Ltd.)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (R300 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (SPBBCDrv [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SRTSP [On_Demand | Running]) -- C:\Windows\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\Windows\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (STHDA [On_Demand | Running]) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (StillCam [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (SYMDNS [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SymIM [System | Running]) -- C:\Windows\System32\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV - (SYMNDISV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (TSHWMDTCP [On_Demand | Stopped]) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (usbbus [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (winachsf [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio [Auto | Running]) -- C:\Windows\System32\DRIVERS\xaudio.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/dell?hl=en&cli ... bd=2070912IE - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhomeIE - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dl ... ar=msnhomeIE - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\S-1-5-21-2176694402-3255639231-4089149711-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/24 17:44:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/19 19:20:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/24 19:30:57 | 00,000,000 | ---D | M]
[2009/08/19 19:21:22 | 00,000,000 | ---D | M] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\mozilla\Extensions
[2009/08/19 19:21:22 | 00,000,000 | ---D | M] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/31 16:53:51 | 00,000,000 | ---D | M] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\mozilla\Firefox\Profiles\oq9mcakd.default\extensions
[2009/08/19 19:24:18 | 00,000,000 | ---D | M] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\mozilla\Firefox\Profiles\oq9mcakd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/19 19:20:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/19 19:20:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/30 07:26:53 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/30 07:26:54 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/30 07:26:55 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/07/30 03:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/30 03:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/30 03:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/30 03:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/30 03:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/30 03:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/30 03:24:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (21 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BHR] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - Startup: C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8}
http://3dlifeplayer.dl.3dvia.com/player ... taller.exe (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
========== Files/Folders - Created Within 30 Days ========== [2009/08/31 18:03:58 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\DENNIS.Dennis-PC\Desktop\OTL.exe
[2009/08/31 16:56:47 | 01,137,360 | ---- | C] (F-Secure Corporation) -- C:\fsbl.exe
[2009/08/29 23:25:20 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Users\DENNIS.Dennis-PC\Desktop\TFC.exe
[2009/08/29 22:00:46 | 00,000,000 | ---D | C] -- C:\rsit
[2009/08/29 21:59:50 | 00,781,909 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Desktop\RSIT.exe
[2009/08/29 21:16:12 | 00,173,119 | ---- | C] (Eric_71) -- C:\Users\DENNIS.Dennis-PC\Desktop\Rooter.exe
[2009/08/27 03:01:08 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/08/26 21:14:38 | 00,030,208 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\August 11, 2009 Elders MinutesOLD.doc
[2009/08/26 04:59:13 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/08/26 04:59:12 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/08/25 21:16:11 | 00,015,566 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\Elders Minutes.dotx
[2009/08/25 20:47:35 | 00,017,175 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\August 11, 2009 Elders Minutes.docx
[2009/08/25 19:46:17 | 00,000,109 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\Ron Office Manager.URL
[2009/08/25 19:40:59 | 00,175,616 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\Ron Rieger.doc
[2009/08/25 19:40:32 | 00,172,544 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\2009 Annual Review - Wadel Inputs.doc
[2009/08/24 20:31:34 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Malwarebytes
[2009/08/24 20:31:32 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/24 20:31:30 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/24 20:31:29 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/24 20:31:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/24 20:31:29 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/24 20:24:20 | 00,001,876 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Desktop\HijackThis.lnk
[2009/08/24 20:24:19 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/24 19:59:46 | 00,244,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSFLXGRD.OCX
[2009/08/24 19:59:46 | 00,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/08/24 19:59:46 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcsvc.dll
[2009/08/24 19:59:46 | 00,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX
[2009/08/24 18:19:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/08/24 15:16:27 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Apple
[2009/08/23 20:14:07 | 00,018,208 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\16th BMW - Shortcut.lnk.docx
[2009/08/23 20:13:34 | 00,022,805 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\16th BMW.docx
[2009/08/23 13:08:32 | 00,011,302 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Documents\Schedule Details.docx
[2009/08/22 18:00:33 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\Documents\OneNote Notebooks
[2009/08/22 18:00:32 | 00,001,113 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/08/20 11:10:21 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Roxio
[2009/08/20 11:06:03 | 00,003,584 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/19 19:21:05 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Mozilla
[2009/08/19 19:21:05 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Mozilla
[2009/08/19 19:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/08/19 17:37:28 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Adobe
[2009/08/19 17:12:31 | 00,000,000 | ---D | C] -- C:\3f48cbb0d3a0979353f8153d3f9e7c59
[2009/08/19 17:06:58 | 02,226,760 | -H-- | C] () -- C:\Users\DENNIS.Dennis-PC\AppData\Local\IconCache.db
[2009/08/18 20:44:09 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/08/18 20:43:57 | 00,001,281 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Desktop\Documents - Shortcut.lnk
[2009/08/18 20:43:54 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/08/18 20:43:48 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Real
[2009/08/18 20:43:47 | 00,001,278 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Desktop\Pictures - Shortcut.lnk
[2009/08/17 22:41:40 | 00,000,104 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\Desktop\internet.lnk
[2009/08/17 22:26:24 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Macromedia
[2009/08/17 22:26:23 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Adobe
[2009/08/17 22:25:36 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Google
[2009/08/17 22:24:21 | 00,121,408 | ---- | C] () -- C:\Users\DENNIS.Dennis-PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/17 22:24:06 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Logitech
[2009/08/17 22:24:04 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Symantec
[2009/08/17 22:23:55 | 00,000,000 | -H-D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\GTek
[2009/08/17 22:23:42 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Identities
[2009/08/17 22:23:39 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\VirtualStore
[2009/08/17 22:23:33 | 00,000,000 | --SD | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Microsoft
[2009/08/17 22:23:33 | 00,000,000 | -HSD | C] -- C:\Users\DENNIS.Dennis-PC\Documents\My Videos
[2009/08/17 22:23:33 | 00,000,000 | -HSD | C] -- C:\Users\DENNIS.Dennis-PC\Documents\My Pictures
[2009/08/17 22:23:33 | 00,000,000 | -HSD | C] -- C:\Users\DENNIS.Dennis-PC\Documents\My Music
[2009/08/17 22:23:33 | 00,000,000 | -HSD | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Temporary Internet Files
[2009/08/17 22:23:33 | 00,000,000 | -HSD | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\History
[2009/08/17 22:23:33 | 00,000,000 | -HSD | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Application Data
[2009/08/17 22:23:33 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Media Center Programs
[2009/08/17 22:23:33 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Temp
[2009/08/17 22:23:33 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Microsoft Help
[2009/08/17 22:23:33 | 00,000,000 | ---D | C] -- C:\Users\DENNIS.Dennis-PC\AppData\Local\Microsoft
[2009/08/17 21:41:47 | 17,723,7667 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/08/13 03:03:02 | 00,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2009/08/12 16:39:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
[2009/08/12 16:39:04 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll
[2009/08/12 16:39:03 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll
[2009/08/12 16:38:58 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/08/12 16:38:53 | 10,626,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/08/12 16:38:51 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpdxm.dll
[2009/08/12 16:38:50 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2009/08/12 16:38:49 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/08/12 16:38:49 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2009/08/12 16:38:49 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2009/08/12 16:38:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2009/08/12 16:38:49 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2007/10/26 14:28:18 | 00,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2007/10/04 20:17:20 | 00,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2007/10/04 20:17:18 | 00,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2007/09/19 23:47:43 | 00,215,144 | R--- | C] () -- C:\Windows\patchw32.dll
[2007/09/19 23:44:07 | 00,215,144 | R--- | C] () -- C:\Windows\pw32a.dll
[2007/09/19 23:10:20 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2006/11/07 15:25:58 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 06:23:31 | 00,000,128 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/17 00:36:50 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/06/23 10:09:34 | 00,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
========== Files - Modified Within 30 Days ========== [2009/08/31 18:03:23 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\DENNIS.Dennis-PC\Desktop\OTL.exe
[2009/08/31 18:03:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/31 16:56:48 | 01,137,360 | ---- | M] (F-Secure Corporation) -- C:\fsbl.exe
[2009/08/31 16:47:13 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/31 16:47:13 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/31 16:47:13 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/31 16:41:59 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/31 16:41:58 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/31 16:41:55 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/31 16:41:00 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/08/31 00:19:00 | 00,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Dennis.job
[2009/08/30 15:45:41 | 02,226,760 | -H-- | M] () -- C:\Users\DENNIS.Dennis-PC\AppData\Local\IconCache.db
[2009/08/29 23:25:21 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Users\DENNIS.Dennis-PC\Desktop\TFC.exe
[2009/08/29 21:59:58 | 00,781,909 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Desktop\RSIT.exe
[2009/08/29 21:16:13 | 00,173,119 | ---- | M] (Eric_71) -- C:\Users\DENNIS.Dennis-PC\Desktop\Rooter.exe
[2009/08/29 20:49:46 | 00,018,208 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\16th BMW - Shortcut.lnk.docx
[2009/08/26 21:14:38 | 00,030,208 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\August 11, 2009 Elders MinutesOLD.doc
[2009/08/25 21:16:12 | 00,015,566 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\Elders Minutes.dotx
[2009/08/25 20:47:35 | 00,017,175 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\August 11, 2009 Elders Minutes.docx
[2009/08/25 19:46:17 | 00,000,109 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\Ron Office Manager.URL
[2009/08/25 19:41:00 | 00,175,616 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\Ron Rieger.doc
[2009/08/25 19:40:32 | 00,172,544 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\2009 Annual Review - Wadel Inputs.doc
[2009/08/24 20:31:32 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/24 20:24:20 | 00,001,876 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Desktop\HijackThis.lnk
[2009/08/23 20:13:34 | 00,022,805 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\16th BMW.docx
[2009/08/23 13:08:33 | 00,011,302 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Documents\Schedule Details.docx
[2009/08/22 18:00:32 | 00,001,113 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/08/20 14:11:50 | 00,003,584 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/18 20:44:58 | 00,001,278 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Desktop\Pictures - Shortcut.lnk
[2009/08/18 20:44:33 | 00,001,281 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Desktop\Documents - Shortcut.lnk
[2009/08/17 22:41:40 | 00,000,104 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\Desktop\internet.lnk
[2009/08/17 22:24:21 | 00,121,408 | ---- | M] () -- C:\Users\DENNIS.Dennis-PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/17 22:09:30 | 17,723,7667 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Alternate Data Streams ========== @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
OTL Extras logfile created on: 8/31/2009 6:05:32 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\DENNIS.Dennis-PC\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 97.97% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.77 Gb Total Space | 168.83 Gb Free Space | 75.79% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.17 Gb Free Space | 61.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DENNIS-PC
Current User Name: DENNIS
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2176694402-3255639231-4089149711-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5FDC8D13-8447-43C5-A03B-20C45D361FAC}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{D501C735-1D02-4306-8F54-C312EBF01B14}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2057C8DE-F41A-4945-9B91-501B725719CD}" = protocol=17 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\updatemgr.exe |
"{22737F3C-6EDE-4111-9CE9-DF6DE1FC5831}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{2B53E217-F70C-4344-BBE2-FD974D1F4009}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{3423008D-17EE-4017-A86A-91DB29AB2AB8}" = protocol=6 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\ttax.exe |
"{5C5426A5-7869-4AF0-A308-B34CE106C303}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{673DB804-1271-477D-855C-2EE96D92B982}" = protocol=6 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\updatemgr.exe |
"{689227DF-50ED-4DD9-A54B-D363E68A66C4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6B3CE1FB-CEAC-4856-B177-FDB38BBBB95F}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{7F4BCBE4-20CE-4F16-9F29-255ABCB714A8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83BD1BFD-D28E-4648-A2D1-AF245719392F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8EC38D51-CE96-4AE5-BDDB-0074A50E9D1B}" = protocol=17 | dir=in | app=c:\program files\turbotax\premier 2007\32bit\ttax.exe |
"{91759461-424C-45CE-BE72-FE819D0E0E86}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9CAC8998-58BA-4695-8742-5B030101E14A}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{A83B2E21-158F-491A-B229-A094B88D3B43}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{C0BA0E41-9A75-4D00-91BE-27537843B818}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C201E276-1402-4943-82EB-183CEF2B8EDB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{D2034F35-245F-456D-A8C2-7234814E7D4D}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{E90BD9E8-554B-464C-8855-54EE7D0B5CCD}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{2222B364-0854-4265-B32E-A142DB9DC7BB}" = Intel(R) PRO Network Connections 11.2.1.69
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel(R) Viiv(TM) Software
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3249DFD2-11C4-48D3-BCE4-0793FAD78620}" = SymNet
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{8BFD3ECE-D26C-4A43-9D86-07F6B69D1DDB}" = Symantec Real Time Storage Protection Component
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9060B698-2B29-4A1F-B876-BEAC4C0A25D5}" = KhalSetup
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AIM_6" = AIM 6
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"ENTERPRISER" = Microsoft Office Enterprise 2007
"HijackThis" = HijackThis 2.0.2
"Intel(R) Configuration Center" = Intel(R) Viiv(TM) Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"NVIDIA Drivers" = NVIDIA Drivers
"PROSet" = Intel(R) PRO Network Connections Drivers
"PROSetDX" = Intel(R) PRO Network Connections 11.2.1.69
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"TurboTax Premier 2007" = TurboTax Premier 2007
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 8/25/2009 3:32:21 PM | Computer Name = Dennis-PC | Source = System Restore | ID = 8193
Description =
Error - 8/25/2009 3:32:21 PM | Computer Name = Dennis-PC | Source = System Restore | ID = 8210
Description =
Error - 8/27/2009 3:00:41 AM | Computer Name = Dennis-PC | Source = VSS | ID = 12293
Description =
Error - 8/27/2009 3:00:41 AM | Computer Name = Dennis-PC | Source = System Restore | ID = 8193
Description =
Error - 8/27/2009 3:00:45 AM | Computer Name = Dennis-PC | Source = VSS | ID = 12293
Description =
Error - 8/27/2009 3:00:45 AM | Computer Name = Dennis-PC | Source = System Restore | ID = 8193
Description =
Error - 8/27/2009 3:00:52 AM | Computer Name = Dennis-PC | Source = VSS | ID = 12293
Description =
Error - 8/27/2009 3:00:52 AM | Computer Name = Dennis-PC | Source = System Restore | ID = 8193
Description =
Error - 8/27/2009 9:12:56 PM | Computer Name = Dennis-PC | Source = VSS | ID = 12293
Description =
Error - 8/27/2009 9:12:56 PM | Computer Name = Dennis-PC | Source = System Restore | ID = 8193
Description =
[ IntelDH Events ]
Error - 8/24/2009 9:23:03 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/24/2009 10:55:35 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/25/2009 9:18:16 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/27/2009 8:44:12 AM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/28/2009 6:56:11 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/29/2009 11:31:16 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/29/2009 11:32:19 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/30/2009 4:03:22 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/30/2009 4:04:59 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
Error - 8/30/2009 4:08:50 PM | Computer Name = Dennis-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Could not
create ICCUEngine interface pointer
[ Media Center Events ]
Error - 12/6/2007 8:56:50 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/14/2007 10:47:43 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/17/2007 6:44:46 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/24/2008 10:46:37 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/1/2008 12:01:48 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/2/2008 9:07:07 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 8/28/2008 11:11:40 AM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/26/2009 6:42:40 AM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 3/24/2009 4:41:34 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/11/2009 7:31:11 PM | Computer Name = Dennis-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 8/21/2008 6:32:24 AM | Computer Name = Dennis-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 8/21/2008 2:51:37 PM | Computer Name = Dennis-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:46:54 PM on 8/21/2008 was unexpected.
Error - 8/24/2008 10:00:03 PM | Computer Name = Dennis-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 8/28/2008 10:00:03 PM | Computer Name = Dennis-PC | Source = Service Control Manager | ID = 7023
Description =
< End of report >