EDIT: I was able to kill the process!!! I ran Malwarebytes; it removed a bunch of things, but not sysguard2010 or anything associated with it. I've got the following logs from OTL:
OTL logfile created on: 11/29/2009 9:46:29 PM - Run 1
OTL by OldTimer - Version 3.1.11.3 Folder = C:\Users\Grr Argg\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.77% Memory free
4.00 Gb Paging File | 3.05 Gb Available in Paging File | 76.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.38 Gb Total Space | 253.82 Gb Free Space | 88.02% Space Free | Partition Type: NTFS
Drive D: | 9.71 Gb Total Space | 4.33 Gb Free Space | 44.54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 98.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded
Computer Name: OWNER-PC
Current User Name: Grr Argg
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009/11/29 21:46:15 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTL.exe
PRC - [2009/11/29 17:20:51 | 00,472,064 | ---- | M] ( ) -- C:\Users\Grr Argg\Desktop\RootRepeal.exe
PRC - [2009/11/29 17:18:24 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Grr Argg\Desktop\SysRestorePoint.exe
PRC - [2009/11/28 17:14:11 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTM.exe
PRC - [2009/11/02 08:43:34 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/28 09:38:50 | 00,039,272 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\waol.exe
PRC - [2009/10/28 09:38:49 | 00,054,632 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\shellmon.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/10 12:32:18 | 00,305,664 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2009/10/10 12:32:18 | 00,203,264 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/16 09:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/20 14:52:23 | 00,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1176099075\ee\aolsoftware.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/04/11 01:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 01:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 01:27:20 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/03/30 15:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 15:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/10/25 07:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/06/10 03:51:04 | 00,438,272 | ---- | M] (W3i Holdings, LLC) -- C:\Windows\Web\Wallpaper\Wallery\DesktopSlideShow.exe
PRC - [2008/01/31 19:55:07 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/01/19 02:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 02:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2007/11/15 13:11:04 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/11/15 13:10:54 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/03/20 09:10:34 | 00,281,600 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Gateway\EzTune\dthtml.exe
PRC - [2007/03/20 09:08:44 | 00,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/03/20 09:08:02 | 00,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2007/03/01 18:55:50 | 03,379,264 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2007/02/09 11:17:26 | 00,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2006/12/12 09:03:58 | 00,106,496 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2006/12/12 09:02:38 | 00,098,304 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2006/12/12 09:02:28 | 00,081,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/10/16 20:40:00 | 01,197,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2006/10/13 18:18:24 | 00,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
PRC - [2006/10/11 11:45:12 | 00,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2005/09/29 13:55:38 | 00,069,632 | ---- | M] () -- C:\Windows\System32\FreezeScreenSaver.exe
========== Modules (SafeList) ==========
MOD - [2009/11/29 21:46:15 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTL.exe
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (PremierOpinion)
SRV - File not found -- -- (MyWebSearchService)
SRV - [2009/11/25 00:46:37 | 00,135,664 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/11/02 08:43:34 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/27 08:50:12 | 00,316,312 | ---- | M] (McAfee, Inc.) -- C:\Windows\Temp\0131251175870538mcinst.exe -- (0131251175870538mcinstcleanup) McAfee Application Installer Cleanup (0131251175870538)
SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/16 10:23:32 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 09:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/03/30 15:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/03/25 07:52:08 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/01/19 02:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/15 13:10:54 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2007/03/20 09:08:44 | 00,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2007/03/01 18:55:50 | 03,379,264 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2006/12/20 17:25:09 | 00,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2006/11/18 10:01:26 | 00,195,032 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel®
SRV - [2006/11/18 10:00:48 | 00,550,872 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel®
SRV - [2006/11/18 10:00:06 | 00,174,552 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel®
SRV - [2006/11/18 09:59:38 | 00,081,880 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel®
SRV - [2006/11/18 09:59:02 | 00,032,216 | ---- | M] () -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel® Viiv
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/29 12:03:30 | 00,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/09/29 15:38:50 | 00,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/08/04 20:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2005/09/29 13:55:38 | 00,069,632 | ---- | M] () -- C:\Windows\System32\FreezeScreenSaver.exe -- (FreezeScreenSaver)
========== Driver Services (SafeList) ==========
DRV - File not found -- -- (rootrepeal)
DRV - [2009/09/16 09:22:48 | 00,214,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 00,079,816 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 00,040,552 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 00,035,272 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 00,034,248 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 11:32:26 | 00,130,424 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007/05/22 15:23:28 | 00,155,648 | ---- | M] (ViXS Systems Inc.) -- C:\Windows\System32\drivers\xcbda.sys -- (xcbdaNtsc) ViXS Tuner Card (NTSC)
DRV - [2007/03/22 11:57:14 | 00,028,672 | --S- | M] (Gteko Ltd.) -- C:\Windows\System32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 11:57:14 | 00,005,376 | --S- | M] (Gteko Ltd.) -- C:\Windows\System32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2007/03/01 18:54:22 | 00,021,056 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/03/01 18:54:18 | 00,144,960 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS -- (SSIDRV)
DRV - [2007/03/01 18:54:16 | 00,022,080 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS -- (SSHRMD)
DRV - [2007/03/01 18:54:16 | 00,020,544 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\SYSTEM32\Drivers\SSFS0509.SYS -- (SSFS0509)
DRV - [2007/02/28 16:57:28 | 00,323,584 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/12/18 12:09:51 | 00,005,504 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2006/12/12 09:49:56 | 01,476,608 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2006/11/18 10:01:08 | 00,018,904 | ---- | M] () -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2006/11/16 16:20:48 | 00,015,920 | ---- | M] (Portrait Displays, Inc.) -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2006/11/16 13:10:44 | 00,214,912 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/08 18:55:10 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/08 18:54:02 | 00,258,048 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/11/08 18:53:48 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:49 | 00,108,032 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\ac97intc.sys -- (ac97intc) Intel® 82801 Audio Driver Install Service (WDM)
DRV - [2006/11/02 02:36:45 | 01,302,492 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\ialmnt5.sys -- (ialm)
DRV - [2006/11/02 02:30:56 | 02,589,184 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32) Intel®
DRV - [2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/11/02 02:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/11/01 15:18:15 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/10/30 19:53:32 | 00,044,416 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2006/10/19 18:49:48 | 00,007,424 | --S- | M] (Gteko Ltd.) -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/09/29 14:59:58 | 00,250,368 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2006/09/27 19:37:24 | 00,028,672 | --S- | M] (Gteko Ltd.) -- C:\Windows\System32\drivers\nmsgopro.sys -- (nmsgopro)
DRV - [2006/09/19 14:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006/08/04 20:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/19 17:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/07 16:32:58 | 00,024,960 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/09/07 16:29:44 | 00,044,288 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2004/07/05 11:12:00 | 00,014,336 | ---- | M] (Cisco-Linksys, LLC) -- C:\Windows\System32\drivers\BEFCMU10V4XP.sys -- (BEFCMU10V4XP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...h...TP&M=GM5420
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...TP&M=GM5420
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...h...TP&M=GM5420
IE - HKLM\..\URLSearchHook: {69224684-5682-419b-9fe4-ef7946ee3319} - C:\Program Files\AOL Radio Toolbar\aolradiotb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 48 35 EA C1 55 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\PremierOpinion
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AOL Radio Toolbar Loader) - {2abdb2f7-4cbf-4939-ba12-fddc827b6a2d} - C:\Program Files\AOL Radio Toolbar\aolradiotb.dll (AOL LLC.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (AOL Radio Toolbar) - {9167da98-6f9b-46f1-991d-826cae46cab6} - C:\Program Files\AOL Radio Toolbar\aolradiotb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Radio Toolbar) - {9167DA98-6F9B-46F1-991D-826CAE46CAB6} - C:\Program Files\AOL Radio Toolbar\aolradiotb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [DT GWY] C:\Program Files\Gateway\EzTune\DTHtml.exe (Portrait Displays, Inc)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1176099075\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [trioService] C:\PROGRA~1\Freeze.com\3D Falling Leaves\trioService.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.5\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [DesktopWallpaper] C:\Windows\Web\Wallpaper\Wallery\DesktopSlideShow.exe (W3i Holdings, LLC)
O4 - HKCU..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe File not found
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe File not found
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - HKCU..\Run: [rsyfslwi] C:\Users\Grr Argg\AppData\Local\iwqyym\gbfjsysguard.exe ()
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -Mozilla\4.0 ( File not found
O4 - Startup: C:\Users\Grr Argg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Translate with &Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Grr Argg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: blogspot.com ([environmentalistsblog] https in Trusted sites)
O15 - HKCU\..Trusted Domains: deviantart.com ([davidluna] https in Trusted sites)
O15 - HKCU\..Trusted Domains: deviantart.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: myspace.com ([profile] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 5 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/...ader.5.8.05.cab (Bebo Uploader Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.77.134 68.87.72.134
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - C:\Windows\System32\WRLogonNtf.dll (Webroot Software, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 00,000,053 | -HS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [1996/02/14 13:58:46 | 00,215,040 | R--- | M] () - H:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [1995/11/10 05:50:46 | 00,000,046 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{37918270-c892-11db-88a9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37918270-c892-11db-88a9-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AUTORUN.EXE -- [1996/02/14 13:58:46 | 00,215,040 | R--- | M] ()
O33 - MountPoints2\{b323a0d5-02e1-11dc-98be-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{b323a0d5-02e1-11dc-98be-00038a000015}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\Windows\System32\ssiefr.EXE (Webroot Software Inc (www.webroot.com))
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/29 21:46:05 | 00,536,064 | ---- | C] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTL.exe
[2009/11/29 20:54:24 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Grr Argg\Desktop\HJTInstall.exe
[2009/11/29 18:04:50 | 00,000,000 | ---D | C] -- C:\Users\Grr Argg\AppData\Roaming\Malwarebytes
[2009/11/29 17:20:40 | 00,472,064 | ---- | C] ( ) -- C:\Users\Grr Argg\Desktop\RootRepeal.exe
[2009/11/29 17:19:06 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Grr Argg\Desktop\mbam-setup.exe
[2009/11/29 17:18:24 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Grr Argg\Desktop\SysRestorePoint.exe
[2009/11/29 16:38:45 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/11/28 17:24:57 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/11/28 17:24:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/28 17:24:55 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/28 17:24:55 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/28 17:15:15 | 00,000,000 | ---D | C] -- C:\_OTM
[2009/11/28 17:14:07 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTM.exe
[2009/11/28 14:05:43 | 00,000,000 | ---D | C] -- C:\Users\Grr Argg\AppData\Local\iwqyym
[2009/11/25 03:00:48 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/11/24 16:01:40 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/23 03:02:59 | 00,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\flashax.exe
[2009/11/23 03:02:59 | 00,000,000 | ---D | C] -- C:\Windows\DarkTowerV dir
[2009/11/23 02:35:00 | 35,105,792 | ---- | C] (3Planesoft) -- C:\Windows\System32\Snow Village 3D Screensaver.exe
[2009/11/23 02:35:00 | 00,887,808 | ---- | C] (3Planesoft) -- C:\Windows\System32\Snow_Village_3D_Screensaver.scr
[2009/11/23 02:35:00 | 00,000,000 | ---D | C] -- C:\Program Files\Snow Village 3D Screensaver
[2009/11/23 02:26:54 | 00,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2009/11/23 02:19:41 | 00,000,000 | ---D | C] -- C:\Program Files\ScenicReflections
[2009/11/21 11:08:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/11/17 03:18:35 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/11/17 03:02:39 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2009/11/17 03:02:37 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2009/11/17 03:02:37 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2009/11/17 03:02:05 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/11/17 03:02:03 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009/11/17 03:02:00 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2009/11/17 03:02:00 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/11/17 03:01:59 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009/11/17 03:01:59 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2009/11/17 03:01:59 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/11/17 03:01:59 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2009/11/17 03:01:59 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009/11/17 03:01:59 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2009/11/17 03:01:59 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2009/11/17 03:01:59 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2009/11/17 03:01:59 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009/11/17 03:01:59 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2009/11/17 03:01:58 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2009/11/17 03:01:58 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2009/11/17 03:01:58 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2009/11/17 03:01:58 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2009/11/17 03:01:58 | 00,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2009/11/17 03:01:58 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2009/11/17 03:01:58 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2009/11/17 03:01:58 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2009/11/17 03:01:58 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2009/11/17 03:01:58 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2009/11/17 03:01:58 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2009/11/17 03:01:35 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2009/11/17 03:01:35 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2009/11/17 03:01:28 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2009/11/17 03:01:23 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2009/11/17 03:01:22 | 00,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2009/11/17 03:01:22 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2009/11/17 03:01:22 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009/11/17 03:01:22 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2009/11/17 03:01:22 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/11/17 03:01:22 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009/11/17 03:01:22 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/11/17 03:01:22 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2009/11/17 03:00:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2009/11/17 03:00:16 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2009/11/15 18:28:37 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL Toolbar
[2009/11/15 18:28:37 | 00,000,000 | ---D | C] -- C:\Program Files\AOL Toolbar
[2009/11/15 18:28:36 | 00,000,000 | ---D | C] -- C:\Users\Grr Argg\AppData\Local\AOL Toolbar
[2009/11/15 18:28:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2009/11/15 18:27:31 | 00,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2009/11/10 18:19:18 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/11/10 18:19:05 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/11/07 16:36:27 | 00,000,000 | ---D | C] -- C:\Users\Grr Argg\oldgames
[2009/11/07 16:35:35 | 00,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.73
[2009/11/07 14:52:07 | 00,000,000 | ---D | C] -- C:\Users\Grr Argg\AppData\Local\DOSBox
[2009/11/04 03:02:40 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/29 21:51:06 | 04,194,304 | -HS- | M] () -- C:\Users\Grr Argg\NTUSER.DAT
[2009/11/29 21:51:01 | 00,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/29 21:50:00 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ABFB7471-F860-4209-B393-A8100507B147}.job
[2009/11/29 21:48:16 | 00,453,695 | ---- | M] () -- C:\Users\Grr Argg\Desktop\Silent Runners.vbs
[2009/11/29 21:46:15 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTL.exe
[2009/11/29 21:42:22 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/29 21:42:22 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/29 21:42:22 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/29 21:38:20 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/11/29 21:36:27 | 00,026,947 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2009/11/29 21:36:03 | 00,040,001 | ---- | M] () -- C:\log.html
[2009/11/29 21:35:59 | 00,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/29 21:35:52 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/29 21:35:52 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/29 21:35:52 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/29 21:35:49 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/29 21:35:42 | 21,198,92992 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/29 21:34:33 | 00,524,288 | -HS- | M] () -- C:\Users\Grr Argg\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009/11/29 21:34:33 | 00,065,536 | -HS- | M] () -- C:\Users\Grr Argg\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009/11/29 21:34:31 | 04,214,460 | -H-- | M] () -- C:\Users\Grr Argg\AppData\Local\IconCache.db
[2009/11/29 21:06:04 | 00,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A8076C99-D2A1-440E-AA3A-2515C5FFD67B}.job
[2009/11/29 20:54:26 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Grr Argg\Desktop\HJTInstall.exe
[2009/11/29 19:32:06 | 00,018,432 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2009/11/29 18:00:00 | 00,000,442 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2009/11/29 17:21:32 | 00,000,000 | ---- | M] () -- C:\Users\Grr Argg\Desktop\settings.dat
[2009/11/29 17:20:51 | 00,472,064 | ---- | M] ( ) -- C:\Users\Grr Argg\Desktop\RootRepeal.exe
[2009/11/29 17:19:11 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Grr Argg\Desktop\mbam-setup.exe
[2009/11/29 17:18:24 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Grr Argg\Desktop\SysRestorePoint.exe
[2009/11/29 16:37:48 | 00,001,283 | ---- | M] () -- C:\Users\Grr Argg\Documents\thedamnvirusstep2.rtx
[2009/11/29 16:10:24 | 00,001,126 | ---- | M] () -- C:\Users\Grr Argg\Documents\thedamnvirus.rtx
[2009/11/28 17:24:59 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/28 17:14:11 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Grr Argg\Desktop\OTM.exe
[2009/11/25 00:49:35 | 00,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2009/11/25 00:49:14 | 00,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/11/24 17:57:40 | 00,001,863 | ---- | M] () -- C:\Users\Grr Argg\Desktop\Wallery.lnk
[2009/11/24 02:14:23 | 00,014,125 | ---- | M] () -- C:\Users\Grr Argg\.recently-used.xbel
[2009/11/23 03:02:59 | 00,535,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\flashax.exe
[2009/11/23 03:02:59 | 00,012,288 | ---- | M] () -- C:\Windows\impborl.dll
[2009/11/19 14:16:00 | 00,023,040 | ---- | M] () -- C:\Users\Grr Argg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/17 03:18:26 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/17 03:18:18 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/11/16 17:05:54 | 00,000,308 | ---- | M] () -- C:\Windows\win.ini
[2009/11/15 18:29:36 | 00,000,734 | ---- | M] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2009/11/15 01:04:21 | 00,000,340 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2009/11/11 03:22:15 | 00,324,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/11/07 16:35:36 | 00,001,683 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.73.lnk
[2009/11/01 00:00:05 | 00,000,332 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/29 21:48:16 | 00,453,695 | ---- | C] () -- C:\Users\Grr Argg\Desktop\Silent Runners.vbs
[2009/11/29 19:32:01 | 21,198,92992 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/29 17:21:32 | 00,000,000 | ---- | C] () -- C:\Users\Grr Argg\Desktop\settings.dat
[2009/11/29 16:37:47 | 00,001,283 | ---- | C] () -- C:\Users\Grr Argg\Documents\thedamnvirusstep2.rtx
[2009/11/29 16:10:24 | 00,001,126 | ---- | C] () -- C:\Users\Grr Argg\Documents\thedamnvirus.rtx
[2009/11/28 17:24:59 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/25 00:49:35 | 00,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2009/11/25 00:49:14 | 00,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/11/25 00:46:59 | 00,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/25 00:46:59 | 00,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/24 17:57:40 | 00,001,863 | ---- | C] () -- C:\Users\Grr Argg\Desktop\Wallery.lnk
[2009/11/24 02:14:23 | 00,014,125 | ---- | C] () -- C:\Users\Grr Argg\.recently-used.xbel
[2009/11/23 03:02:59 | 00,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2009/11/17 03:18:26 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/17 03:18:18 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/11/07 16:35:36 | 00,001,683 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.73.lnk
[2009/09/18 03:49:58 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/17 23:12:53 | 00,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009/03/17 23:12:53 | 00,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009/03/17 23:12:53 | 00,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009/03/17 20:35:20 | 00,000,157 | ---- | C] () -- C:\Windows\MABVRX.INI
[2009/03/17 19:36:46 | 00,000,465 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/11/28 20:36:24 | 00,000,204 | ---- | C] () -- C:\Windows\hjslhw32.ini
[2008/10/04 15:59:51 | 00,974,848 | ---- | C] () -- C:\Windows\vorbis.dll
[2008/10/04 15:59:51 | 00,049,152 | ---- | C] () -- C:\Windows\ogg.dll
[2008/10/04 15:59:51 | 00,028,672 | ---- | C] () -- C:\Windows\vorbisfile.dll
[2007/07/06 23:29:57 | 00,000,000 | ---- | C] () -- C:\Users\Grr Argg\AppData\Roaming\wklnhst.dat
[2007/05/18 23:28:34 | 00,002,304 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2007/05/01 22:57:54 | 00,000,680 | ---- | C] () -- C:\Users\Grr Argg\AppData\Local\d3d9caps.dat
[2007/04/14 06:14:59 | 00,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2007/04/09 01:37:17 | 00,023,040 | ---- | C] () -- C:\Users\Grr Argg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/09 00:00:49 | 00,000,000 | ---- | C] () -- C:\Windows\pcfriend.INI
[2006/12/18 12:50:53 | 00,467,264 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2006/12/18 12:50:53 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1138.dll
[2006/12/18 12:50:53 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/12/12 10:13:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2006/12/12 09:02:50 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/12/12 09:01:48 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/22 17:16:18 | 00,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 13:50:06 | 00,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/06/23 12:09:34 | 00,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2006/04/29 22:34:04 | 00,049,152 | ---- | C] () -- C:\Windows\System32\WbxRMenu.dll
[2006/04/13 21:18:24 | 00,196,608 | ---- | C] () -- C:\Windows\System32\atonres.dll
[2006/04/13 21:18:24 | 00,131,072 | ---- | C] () -- C:\Windows\System32\WbxMSAI.dll
[2006/04/13 21:18:24 | 00,098,304 | ---- | C] () -- C:\Windows\System32\atonecli.dll
[1998/10/10 23:07:38 | 00,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF
< End of report >
OTL Extras logfile created on: 11/29/2009 9:46:29 PM - Run 1
OTL by OldTimer - Version 3.1.11.3 Folder = C:\Users\Grr Argg\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 51.77% Memory free
4.00 Gb Paging File | 3.05 Gb Available in Paging File | 76.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.38 Gb Total Space | 253.82 Gb Free Space | 88.02% Space Free | Partition Type: NTFS
Drive D: | 9.71 Gb Total Space | 4.33 Gb Free Space | 44.54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 98.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded
Computer Name: OWNER-PC
Current User Name: Grr Argg
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4278196236-3910043076-1921008887-1001]
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4278196236-3910043076-1921008887-500]
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D7E7F41-61C7-4D2A-A066-3BB3CB07D651}" = lport=1723 | protocol=6 | dir=in | app=system |
"{0F77EF6B-92BD-489C-9F3D-469C9532B23B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1D5A02A5-83F9-40BE-8A62-82B9396E4D7E}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv media server upnp discovery |
"{31B085BF-BB3C-4A38-903A-7DA3AC02830C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{322AD7B6-E171-45C6-BE8E-77989EC5F35C}" = rport=1723 | protocol=6 | dir=out | app=system |
"{43881C3A-47CD-4C9C-B22F-676EBC51C6A7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5336EA52-AEED-43F9-AE25-AA08A79BCF02}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{56317DDC-66D6-4C37-9639-B6884C0FD450}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv media server discovery |
"{5843864B-FACD-44F7-9F2E-D2941A3DFC9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6B8E0C9D-3C1C-4FB8-939E-833EF4291641}" = rport=2869 | protocol=6 | dir=out | app=system |
"{6FE9B20F-3ADE-4E54-82B8-D6FF84E10041}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{84774EF8-80E5-46AC-A383-F56EA72800D4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8DDFF8FB-4CEE-43A1-8ED5-A6884ACB26E8}" = rport=1701 | protocol=17 | dir=out | app=system |
"{9080740E-3055-480E-B427-5837682DB14D}" = lport=1701 | protocol=17 | dir=in | app=system |
"{9C19366B-C135-4403-B552-D5C06A9CC87E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A9512F1E-C8D9-4D60-AA23-99D2DE156513}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF46DAB7-29E8-441C-9410-B1B48978149C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B489FDCD-1921-4468-BA47-B70D28BD2192}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B829E4EA-DA46-409F-BDF5-69502B19C034}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C13BCFB9-0B1A-4333-A75A-A3476E147E87}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DDC8BBFD-CA54-4F3A-96DD-69304CCAA8D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E128D138-53B2-4F14-9E13-60B0FB8FC883}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E240D3D1-1599-44DA-8898-931359EFF279}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2F4F326-A404-4604-A6C8-435E783139A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F9F81971-3F83-438F-9DEF-019A2813559E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FA1484E4-8819-49FC-959E-C6932056C5EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01748BE4-B61F-44F0-89C8-1A0FB05A5193}" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{030D2F73-48EE-4439-9CC2-B2FA13228C3E}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{11B18FB5-AEAC-4B95-BBC1-D9391D51B7FF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{165A58FA-6FEF-4A40-8683-9B092291AFDD}" = protocol=58 | dir=out | [email protected],-203 |
"{19BBF0B9-789F-4A72-93CE-596627175F79}" = protocol=58 | dir=in | [email protected],-148 |
"{20AC86AB-6149-4A2C-B822-86DA48195567}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{26630931-15B8-4592-A74D-6692D91234B5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{2D2A53DD-62DB-45AA-B3AD-A420084D17B8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{2FA1E3AA-FDF6-47BA-B487-E552D667971A}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{337CCD02-060A-42C5-8212-D05AFA24993D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{410DBAFF-8201-4CC0-AACE-74EF66CCEEC5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{4299BF0F-EE4D-4A38-AA76-BCA56ABCD1DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{431DDD6E-BF6C-4C7A-9F8C-981A08C66290}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{4669DA3A-DF0F-4A08-98BF-FC31196AE5FF}" = protocol=6 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{4852720E-5DBF-449D-B46E-0608C7C9675C}" = protocol=6 | dir=in | app=c:\windows\temp\~os36b8.tmp\pmropn.exe |
"{4F321199-E657-439D-B959-5476729617D6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{4F61DDEF-8BD2-4058-BC14-C3F6FB350F6B}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{508389C7-CEAB-4BEF-90D8-3A6550CBA922}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{552E08E6-58C3-48CA-9E1F-12D293B785BF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C552426-AB82-4104-89C6-E9E02884ABA9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{64338E66-82DD-4766-BE36-057D13B09227}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6598DDEB-06D5-4DE3-8702-8FE6AFEC93D2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6A8025DF-CB8E-43E0-98DA-DC4ED103E086}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{71888C28-57CD-4477-BACC-04BF81476DDB}" = protocol=6 | dir=in | app=c:\windows\temp\~osa949.tmp\pmropn.exe |
"{72592CCC-849E-4851-A6CD-3BFFB95ECEC6}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{73ADB40E-7741-471A-BE29-81C9A9B7C795}" = protocol=58 | dir=in | app=system |
"{79936099-8E79-4C0E-8873-19248ECDF5E2}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{7A665557-8497-405B-B268-558B7C4BE00F}" = protocol=17 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{84DA7F5B-575A-4181-903D-0659268A92F0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{87D3F70C-9A4E-4087-92B1-4268517DD466}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1176099075\ee\aolsoftware.exe |
"{89E5F644-20E3-4490-B6EF-74A7690E806F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8A88B788-C743-4874-AD6E-4F51306557D9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{8C1DB63C-1A3D-499E-8C3E-BFE19CD9A404}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{909871D1-9125-4EB6-BF0B-D7405128211C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{926624ED-9D4F-4E6A-AA4C-5CCDB07412B5}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{9553FEB0-6F91-4054-B6C5-21B2E198F8DD}" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{96283C11-9F29-415C-9C5B-0467D3C4F076}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AAD5D3AD-F2B4-466B-9F1F-AB82A949FC3A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2B6E2DB-51EB-4A50-A8C6-88A7C875A146}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1176099075\ee\aolsoftware.exe |
"{B366AA78-7E2B-4824-BA56-AF98B9A0FDA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B4751B84-BD97-45BA-9ED2-9F356717A5C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD5C7654-45FE-4E97-8BD8-4179A3AAE775}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{BE428BEE-D049-4C7E-9B31-B811D7CA30A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE6CC36F-0932-4D41-9C42-4493CEA5F866}" = protocol=6 | dir=out | app=system |
"{BEFC67C9-7F47-4569-B8BF-119A09811BF5}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{C0799049-7929-421B-BA3E-E835DA7D189E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{C3ACC849-B464-4B8F-B9BA-F679A554ED0F}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{CE03BDFA-C2CF-4CE7-861C-DC2F2F2BF5CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5AFEBF6-8B23-426F-BFCE-09BBA112628C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{E3B048E9-D6AE-4C02-B140-4670CC3B1754}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E6CACD46-DCA0-4255-98DF-4F2053889A94}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{E74F9CD3-27A3-4B00-9EC4-0962EE9BB298}" = protocol=6 | dir=out | app=system |
"{F37A9723-5A2C-4D00-A23B-9444ABA12450}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F6ADBEE8-2266-4A2A-BAED-D49804227465}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{0E324F2D-23E7-407C-901C-77D79A867A34}C:\program files\ea games\american mcgee's alice\alice.exe" = protocol=6 | dir=in | app=c:\program files\ea games\american mcgee's alice\alice.exe |
"TCP Query User{10E27958-C043-40FA-BBA8-6764C681DB52}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{114F05F8-5F3D-4C70-A636-BAE5FB7709DC}H:\alice.exe" = protocol=6 | dir=in | app=h:\alice.exe |
"TCP Query User{3F61C71D-F541-4944-8833-9FB41AB652CE}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe |
"TCP Query User{80E52A7D-4A49-4252-A37F-88A1C1918D8F}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{88D802CA-D648-496B-ACF9-57C048077672}C:\program files\aol 9.0a\waol.exe" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"UDP Query User{01056EE0-C41B-4883-AF14-C954492FE25C}H:\alice.exe" = protocol=17 | dir=in | app=h:\alice.exe |
"UDP Query User{1A213A0D-353B-4B10-B280-D6BBE779F48F}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{561A090E-02F9-4636-852C-C0DC6DFCA9D4}C:\program files\ea games\american mcgee's alice\alice.exe" = protocol=17 | dir=in | app=c:\program files\ea games\american mcgee's alice\alice.exe |
"UDP Query User{92C34F3D-1B2F-440D-9A30-35AD4AF4F517}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C06911EE-EDC2-45BD-8298-32D50CD4A3FD}C:\program files\aol 9.0a\waol.exe" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"UDP Query User{E28D6328-91CF-4BF9-8311-3C51B80E7976}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{26671921-A46D-4639-B7EF-E43BE6F2AE73}" = EASEUS Data Recovery Wizard 4.3.6 Demo
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel® Viiv Software
"{28AB96F0-CB54-4C01-B9D8-426B40DA1B77}" = cottageofautumn
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6
"{362F8AC6-4EA5-C5AC-ED7E-1F49F0EE20D5}" = TweetDeck
"{370E4C57-F2EA-43D8-9FEA-48D661E7347A}" = homefortheholiday
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{45159078-0FE6-4844-A9C0-F61C0321AA6E}" = nightofflyingwitches
"{4F5CE18C-D97D-48FF-A510-A0D90C918294}" = iTunes
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77B5AD60-8F14-11D4-9BC9-0050041A1090}" = American McGee's Alice
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9074AFC0-CFDA-11DE-B484-005056806466}" = Google Earth
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9763E36A-08E9-4228-BBCE-12989A4EB1A8}" = QuickTime
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A4D3FF6-FFDD-4E4E-B887-4BF378174F04}" = ArcSoft PhotoStudio 6
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B1C2398C-6FAB-46D1-806C-5942F0829994}" = ParetoLogic Data Recovery
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B5AD48-8D34-41D3-BD8A-8A10BD9BDED3}_is1" = Spy Sweeper
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ENS31293-4DD5-81C6-3BE0-624AC34560005}_is1" = The Great Lake
"{F4955758-B754-471D-9091-7CE2C3D9E9AA}" = EzTune
"0FE164B6A5C3A836EB5B56268A755B7616558E8B" = Windows Driver Package - ViXS Systems Inc. ViXS PureTV-U (11/17/2006 6.2.77.1)
"3-D Autumn Woods Demo" = 3-D Autumn Woods Demo Screen Saver
"3D Falling Leaves Screen Saver" = 3D Falling Leaves Screen Saver
"3D Four Seasons Premium Screen Saver" = 3D Four Seasons Premium Screen Saver
"3D Lake Cabin Full Screen Saver" = 3D Lake Cabin Full Screen Saver
"3D Snowy Cottage Screen Saver" = 3D Snowy Cottage Screen Saver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced GIF Animator_is1" = Advanced GIF Animator 2.23
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"Animated Screensaver-Xmass Fireplace-Screensaver" = Xmass Fireplace Screensaver
"AOL Radio Toolbar" = AOL Radio Toolbar
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Autumn Pumkins" = Autumn Pumkins
"Autumn Scenes Full Screen Saver" = Autumn Scenes Full Screen Saver
"Babylon" = Babylon
"Beyond Atlantis" = Beyond Atlantis
"bloodplus_1" = bloodplus_1 Screen Saver
"Calm Before the Storm Full Screen Saver" = Calm Before the Storm Full Screen Saver
"Canon MP160 User Registration" = Canon MP160 User Registration
"CanonMyPrinter" = Canon My Printer
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F40&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP
"Colors of Autumn Scenic Reflections" = Colors of Autumn Scenic Reflections 4.0
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Diablo II" = Diablo II
"Disney Pirates of the Caribbean Online" = Disney Pirates of the Caribbean Online
"Easy GIF Animator_is1" = Easy GIF Animator 4.0
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"File Recover_is1" = File Recover 7.0
"FontCreator55_is1" = FontCreator 5.6
"Free Christmas Tree 3D Screensaver_is1" = Free Christmas Tree 3D Screensaver
"Gateway Game Console" = Gateway Game Console
"Ghostly Tomb" = Ghostly Tomb
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"Halloween Full Screen Saver" = Halloween Full Screen Saver
"Haunted House Screen Saver" = Haunted House Screen Saver
"HDMI" = Intel® Graphics Media Accelerator Driver
"HECI" = Intel® Management Engine Interface
"Home For the Holidays Screensaver" = Home For the Holidays Screensaver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Intel® Configuration Center" = Intel® Viiv Software
"JamC@m Version 2.0" = JamC@m Version 2.0
"Lightning Storm Screen Saver" = Lightning Storm Screen Saver
"Linksys BEFCMU10V4 Uninstall" = Linksys BEFCMU10 ver. 4 Cable Modem
"Living 3D Butterflies Full Screen Saver" = Living 3D Butterflies Full Screen Saver
"Living 3D Dinosaurs Full Screen Saver" = Living 3D Dinosaurs Full Screen Saver
"Living 3D Dolphins Screen Saver" = Living 3D Dolphins Screen Saver
"Living Marine Aquarium 2 Screen Saver" = Living Marine Aquarium 2 Screen Saver
"Lords of the Realm II" = Lords of the Realm II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Picture It!" = Microsoft Picture It! 99
"Modern Age Books." = Modern Age Books
"Money2006b" = Microsoft Money 2006
"Moonlight Lake Premium Screen Saver" = Moonlight Lake Premium Screen Saver
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSC" = McAfee SecurityCenter
"MySpaceIM" = MySpaceIM
"Night Before Christmas Screen Saver" = Night Before Christmas Screen Saver
"Night of Flying Witches by DF DESIGNS Screensaver" = Night of Flying Witches by DF DESIGNS Screensaverll\Night Before Christmas Screen Saver
"PCFriendly" = PCFriendly
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PROSet" = Intel® PRO Network Connections Drivers
"Q*bert" = Q*bert
"RealPlayer 6.0" = RealPlayer
"Savings Bond Wizard" = Savings Bond Wizard
"SecondLife" = SecondLife (remove only)
"Sierra Utilities" = Sierra Utilities
"Snow Village 3D Screensaver_is1" = Snow Village 3D Screensaver 1.1
"Snowy Hut 3D Screensaver" = Snowy Hut 3D Screensaver 3.0
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Turkey Forest Screensaver" = Turkey Forest Screensaver
"TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1" = TweetDeck
"UndeletePlus_is1" = Undelete Plus 2.98
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wallery" = Wallery
"Whales and Dolphins Premium Screen Saver" = Whales and Dolphins Premium Screen Saver
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR archiver
"WT013189" = Diner Dash
"WT014944" = Bejeweled 2 Deluxe
"WT014952" = Penguins!
"WT014954" = Polar Bowler
"WT014956" = Polar Golfer
"WT014958" = Chuzzle Deluxe
"WT014960" = JEOPARDY
"WT014962" = SCRABBLE
"WT015732" = FATE
"WT015796" = Blasterball 3
"www_screensavers_com" = Screensavers.com Content
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/16/2009 5:36:03 PM | Computer Name = Owner-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 11/16/2009 6:34:47 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application ehtray.exe, version 6.0.6001.18000, time stamp
0x4791938f, faulting module RPCRT4.dll, version 6.0.6002.18024, time stamp 0x49f05bcc,
exception code 0xc0000005, fault offset 0x00049cf7, process id 0x157c, application
start time 0x01ca667774eb3217.
Error - 11/16/2009 6:34:49 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application wpCtrl.exe, version 8.0.0.0, time stamp 0x45ccd674,
faulting module RPCRT4.dll, version 6.0.6002.18024, time stamp 0x49f05bcc, exception
code 0xc0000005, fault offset 0x00049cf7, process id 0x13dc, application start time
0x01ca667773ec8d16.
Error - 11/16/2009 6:35:56 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module winphook.dll_unloaded, version 0.0.0.0, time stamp
0x45ccd687, exception code 0xc0000005, fault offset 0x026b63c0, process id 0x36d0,
application start time 0x01ca66776eaa7764.
Error - 11/16/2009 7:25:16 PM | Computer Name = Owner-PC | Source = System Restore | ID = 8193
Description =
Error - 11/16/2009 11:38:05 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18828, time stamp
0x4a9600c9, faulting module IEShims.dll, version 8.0.6001.18828, time stamp 0x4a96171d,
exception code 0xc0000005, fault offset 0x00021e16, process id 0x1274, application
start time 0x01ca67375eca6fa3.
Error - 11/17/2009 1:00:01 AM | Computer Name = Owner-PC | Source = System Restore | ID = 8193
Description =
Error - 11/17/2009 4:00:12 AM | Computer Name = Owner-PC | Source = System Restore | ID = 8193
Description =
Error - 11/17/2009 4:00:47 AM | Computer Name = Owner-PC | Source = System Restore | ID = 8193
Description =
Error - 11/17/2009 4:56:59 AM | Computer Name = Owner-PC | Source = System Restore | ID = 8193
Description =
[ IntelDH Events ]
Error - 4/9/2007 4:43:09 AM | Computer Name = Owner-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
Error - 4/9/2007 4:43:09 AM | Computer Name = Owner-PC | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 4/10/2007 1:46:12 AM | Computer Name = Owner-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
Error - 5/10/2007 5:44:15 PM | Computer Name = Owner-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
Error - 5/10/2007 5:44:15 PM | Computer Name = Owner-PC | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 11/1/2007 10:14:52 PM | Computer Name = Owner-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
Error - 11/1/2007 10:14:52 PM | Computer Name = Owner-PC | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 2/17/2008 6:35:13 PM | Computer Name = Owner-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
Error - 2/17/2008 6:35:13 PM | Computer Name = Owner-PC | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 11/16/2009 4:34:28 PM | Computer Name = Owner-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
[ Media Center Events ]
Error - 4/9/2008 3:33:01 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/18/2008 9:28:27 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 5/25/2008 9:58:17 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 8/28/2008 11:46:51 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/2/2009 7:33:25 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 11/29/2009 4:53:22 PM | Computer Name = Owner-PC | Source = bowser | ID = 8003
Description =
Error - 11/29/2009 5:02:49 PM | Computer Name = Owner-PC | Source = bowser | ID = 8003
Description =
Error - 11/29/2009 5:15:54 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =
Error - 11/29/2009 5:16:24 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =
Error - 11/29/2009 5:41:29 PM | Computer Name = Owner-PC | Source = bowser | ID = 8003
Description =
Error - 11/29/2009 6:07:27 PM | Computer Name = Owner-PC | Source = bowser | ID = 8003
Description =
Error - 11/29/2009 6:33:31 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =
Error - 11/29/2009 7:32:44 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:04:52 PM on 11/29/2009 was unexpected.
Error - 11/29/2009 10:33:14 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 11/29/2009 10:36:20 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Edited by aquilus, 29 November 2009 - 09:11 PM.