I'll be happy to post this elsewhere if this is not a virus/malware issue.
thanks in advance so much!
ETA: i also have just installed a new printer. in the task manager, it says brstswnd.exe, which i thought was my brother printer. now, after i googled it, it seems like might be something else.
sorry, i'm adding my OTL log now...
OTL logfile created on: 8/18/2011 3:46:27 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\kat\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.75 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 47.83% Memory free
3.75 Gb Paging File | 2.16 Gb Available in Paging File | 57.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32.52 Gb Total Space | 3.21 Gb Free Space | 9.87% Space Free | Partition Type: NTFS
Drive D: | 32.25 Gb Total Space | 11.06 Gb Free Space | 34.29% Space Free | Partition Type: NTFS
Drive E: | 627.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: KATHRYN | User Name: kat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/08/18 15:38:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\kat\Desktop\OTL.exe
PRC - [2011/08/18 14:57:08 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\kat\AppData\Local\temp\RtkBtMnt.exe
PRC - [2011/01/30 11:45:14 | 001,306,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2010/02/09 16:17:54 | 000,139,264 | R--- | M] () -- C:\Program Files\MioNet\MioNetManager.exe
PRC - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/08/05 17:56:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/16 22:23:34 | 000,984,352 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2009/07/16 21:03:26 | 000,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/07/16 07:50:30 | 000,181,544 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe
PRC - [2008/07/09 23:38:22 | 000,131,072 | ---- | M] (Intuit, Inc.) -- C:\Program Files\Intuit\QuickBooks 2009\QBDBMgr.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/01/19 03:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 03:38:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008/01/08 09:28:02 | 000,864,256 | ---- | M] (brother) -- C:\Program Files\Brownie\BrStsWnd.exe
PRC - [2007/08/03 11:10:00 | 000,394,856 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2007/07/12 00:22:04 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\MioNet\jvm\bin\MioNet.exe
PRC - [2007/04/24 22:17:34 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/03/20 15:22:06 | 000,114,344 | ---- | M] ( ) -- C:\Program Files\Maxtor\Utils\SyncServices.exe
PRC - [2007/02/27 17:57:48 | 000,716,456 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\ManagerApp\OneTouch.exe
PRC - [2007/02/09 09:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/02/08 13:40:00 | 000,013,312 | ---- | M] (HiTRUST co.) -- C:\Acer\Empowering Technology\eDSMSNfix.exe
PRC - [2007/02/07 03:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/02/07 03:04:16 | 000,464,168 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007/01/31 21:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/01/26 17:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2007/01/24 13:27:42 | 000,319,488 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007/01/10 19:20:34 | 000,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/01/09 08:02:08 | 000,483,328 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2007/01/02 12:33:24 | 000,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2006/12/28 23:07:22 | 000,724,992 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
PRC - [2006/12/28 23:07:22 | 000,126,976 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2006/12/22 17:43:18 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2006/12/01 01:37:00 | 004,186,112 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/24 15:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
========== Modules (No Company Name) ==========
MOD - [2011/08/17 10:19:11 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll
MOD - [2011/08/17 10:17:29 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1cc11918d8dd561391bba05c61de7573\System.ServiceProcess.ni.dll
MOD - [2011/08/17 10:17:23 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011/08/17 10:16:56 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011/08/17 10:16:53 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll
MOD - [2011/08/17 10:16:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll
MOD - [2011/08/17 10:16:30 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll
MOD - [2011/08/17 10:16:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll
MOD - [2011/08/17 10:06:40 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011/08/17 10:06:33 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2010/02/09 16:20:52 | 000,081,920 | R--- | M] () -- C:\Program Files\MioNet\WindowSourceDll2.dll
MOD - [2010/02/09 16:19:50 | 000,036,864 | R--- | M] () -- C:\Program Files\MioNet\WindowsUtil.dll
MOD - [2010/02/09 16:19:20 | 000,028,672 | R--- | M] () -- C:\Program Files\MioNet\RegistryDll.dll
MOD - [2010/02/09 16:19:06 | 000,045,056 | R--- | M] () -- C:\Program Files\MioNet\TrayIconDll.dll
MOD - [2009/03/23 21:30:33 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2007/04/24 22:17:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007/04/24 22:17:18 | 000,131,072 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007/04/24 22:17:08 | 000,966,656 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007/04/24 22:16:58 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007/02/07 02:56:30 | 000,028,672 | ---- | M] () -- C:\Windows\System32\BatchCrypto.dll
MOD - [2007/02/07 02:52:08 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2007/01/31 21:18:16 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
MOD - [2007/01/24 13:27:40 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2007/01/24 13:27:24 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2007/01/10 16:23:10 | 000,245,760 | ---- | M] () -- C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
MOD - [2007/01/08 16:08:56 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006/12/28 23:07:24 | 000,339,968 | ---- | M] () -- C:\Acer\Empowering Technology\eNet\eNMWidget.dll
MOD - [2006/12/28 23:07:22 | 000,237,568 | ---- | M] () -- C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
MOD - [2006/12/22 19:37:30 | 000,724,992 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\eLockCTL.dll
MOD - [2006/09/04 13:41:14 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2006/08/04 12:44:12 | 000,331,776 | ---- | M] () -- C:\Acer\Empowering Technology\scrollbarlib.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (81F88EAC)
SRV - [2010/02/09 16:17:54 | 000,139,264 | R--- | M] () [Auto | Running] -- C:\Program Files\MioNet\MioNetManager.exe -- (MioNet)
SRV - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Start_Pending] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/05 17:56:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/16 21:03:26 | 000,024,576 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/08/08 21:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/07/16 07:50:30 | 000,181,544 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe -- (TeamViewer)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/24 22:17:34 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/03/20 15:22:06 | 000,114,344 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Maxtor\Utils\SyncServices.exe -- (NTService1)
SRV - [2007/02/07 03:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/01/31 21:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/26 17:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/01/02 12:33:24 | 000,135,168 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006/12/28 23:07:22 | 000,126,976 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2006/12/22 17:43:18 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006/11/24 15:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
========== Driver Services (SafeList) ==========
DRV - [2010/07/08 10:52:32 | 000,231,424 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2010/07/08 10:52:32 | 000,176,384 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser2_000.sys -- (NWUSBPort2_000) Novatel Wireless USB Status2 Port Driver (vGEN)
DRV - [2010/07/08 10:52:32 | 000,176,384 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser_000.sys -- (NWUSBPort_000) Novatel Wireless USB Status Port Driver (vGEN)
DRV - [2010/07/08 10:52:32 | 000,176,384 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm_000.sys -- (NWUSBModem_000) Novatel Wireless USB Modem Driver (vGEN)
DRV - [2010/07/08 10:52:32 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2010/02/09 16:18:48 | 000,020,480 | R--- | M] (NT Kernel Resources) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisrd.sys -- (Ndisrd)
DRV - [2009/12/08 13:06:23 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/02 15:13:26 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/03/20 20:03:36 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/02/18 23:58:02 | 000,691,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/08 16:16:50 | 002,313,216 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/12/07 21:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/28 20:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/12 22:02:00 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/11/12 22:02:00 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/11/12 22:02:00 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/11/02 03:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/04/06 14:05:24 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2002/09/06 12:08:00 | 000,016,896 | ---- | M] (First International Digital, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ir100.sys -- (ir100)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 10:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/23 10:51:18 | 000,000,000 | ---D | M]
[2010/11/17 16:54:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/12 18:19:54 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/04/12 18:19:54 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
O1 HOSTS File: ([2010/11/16 19:01:37 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe (HiTRUST co.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MioNet] C:\Program Files\MioNet\MioNetLauncher.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mercerhrs.com ([ibenefitcenter] https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\ENETHOOK.DLL) - C:\Windows\System32\eNetHook.dll (acer)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\ENETHOOK.DLL) - C:\Windows\System32\eNetHook.dll (acer)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\ENETHOOK.DLL) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\kat\Pictures\254792005306_0_ALB.jpg
O24 - Desktop BackupWallPaper: C:\Users\kat\Pictures\254792005306_0_ALB.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/10/20 01:14:28 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{bf9bfb30-0248-11dc-8c0b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bf9bfb30-0248-11dc-8c0b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe -- [2010/04/01 04:40:27 | 002,052,921 | R--- | M] (Macromedia, Inc.)
O33 - MountPoints2\{d36fcd9b-ef64-11de-ac12-001b24329bdb}\Shell\AutoRun\command - "" = F:\install.bat
O33 - MountPoints2\{ef68143d-2c46-11df-a477-001b24329bdb}\Shell - "" = AutoRun
O33 - MountPoints2\{ef68143d-2c46-11df-a477-001b24329bdb}\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\start.exe -- [2010/04/01 04:40:27 | 002,052,921 | R--- | M] (Macromedia, Inc.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/18 15:38:37 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\kat\Desktop\OTL.exe
[2011/08/17 10:02:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/14 22:36:43 | 000,000,000 | ---D | C] -- C:\Users\kat\Documents\movingweek
[2011/08/14 22:16:26 | 000,000,000 | ---D | C] -- C:\Brother
[2011/08/14 22:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02
[2011/08/14 22:16:05 | 000,103,736 | ---- | C] (Brother Industries Ltd) -- C:\Windows\System32\BRRBTOOL.EXE
[2011/08/14 22:16:03 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- C:\Windows\System32\BRLM03A.DLL
[2011/08/14 22:15:59 | 000,217,088 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011/08/14 22:15:59 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011/08/14 22:15:59 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011/08/14 22:15:59 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2007/05/14 14:42:54 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2007/03/16 09:18:48 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
========== Files - Modified Within 30 Days ==========
[2011/08/18 15:38:42 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\kat\Desktop\OTL.exe
[2011/08/18 15:35:54 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/18 15:35:54 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/18 15:35:04 | 010,694,656 | R--- | M] () -- C:\Users\kat\Desktop\Bostrom reporting.QBW
[2011/08/18 15:35:04 | 000,851,968 | R--- | M] () -- C:\Users\kat\Desktop\Bostrom reporting.QBW.TLG
[2011/08/18 15:24:12 | 000,000,376 | ---- | M] () -- C:\Users\kat\Desktop\Bostrom reporting.QBW.nd
[2011/08/18 14:57:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/18 14:57:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/18 14:56:54 | 000,000,511 | ---- | M] () -- C:\Windows\Brownie.ini
[2011/08/18 14:56:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/18 14:26:17 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/08/17 20:12:45 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011/08/17 19:50:16 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{851913E1-76B5-4916-B2F4-A87DCD5A7737}.job
[2011/08/16 22:04:41 | 000,082,466 | ---- | M] () -- C:\Users\kat\Documents\youngkevin.wpd
[2011/08/14 22:18:30 | 000,001,925 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2011/08/14 10:28:52 | 000,006,499 | ---- | M] () -- C:\Users\kat\Documents\SCWCC JUDICIAL DEPARTMENTFULL COMMISSION CALL SHEETTime.wpd
[2011/08/07 13:55:48 | 000,707,072 | ---- | M] () -- C:\Users\kat\Desktop\Bostrom reporting (Portable).QBM
[2011/08/04 14:33:40 | 000,072,913 | ---- | M] () -- C:\Users\kat\Documents\young.wpd
[2011/08/04 13:46:47 | 000,062,548 | ---- | M] () -- C:\Users\kat\Documents\MICHNIAK.wpd
[2011/08/01 14:46:10 | 000,070,074 | ---- | M] () -- C:\Users\kat\Documents\MICHNIAKS.wpd
[2011/08/01 14:16:20 | 000,011,444 | ---- | M] () -- C:\Users\kat\Documents\tempoconsent.wpd
[2011/07/29 13:20:22 | 000,010,181 | ---- | M] () -- C:\Users\kat\Documents\REYESA.wpd
[2011/07/29 12:08:31 | 000,004,199 | ---- | M] () -- C:\Users\kat\Documents\july2011.kathrynbostrom.rtf
[2011/07/26 21:09:40 | 000,057,229 | ---- | M] () -- C:\Users\kat\Documents\UPTONR.wpd
[2011/07/26 13:51:19 | 000,057,651 | ---- | M] () -- C:\Users\kat\Documents\lowery.wpd
[2011/07/25 15:46:36 | 000,057,154 | ---- | M] () -- C:\Users\kat\Documents\STEWART.wpd
[2011/07/22 22:19:31 | 000,181,273 | ---- | M] () -- C:\Users\kat\Documents\ALLENS.wpd
[2011/07/19 16:17:21 | 000,057,575 | ---- | M] () -- C:\Users\kat\Documents\GARYM.wpd
========== Files Created - No Company Name ==========
[2011/08/14 22:18:30 | 000,001,925 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2011/08/14 22:16:07 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011/08/14 22:16:01 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[2011/08/14 10:28:52 | 000,006,499 | ---- | C] () -- C:\Users\kat\Documents\SCWCC JUDICIAL DEPARTMENTFULL COMMISSION CALL SHEETTime.wpd
[2011/08/11 14:46:58 | 000,082,466 | ---- | C] () -- C:\Users\kat\Documents\youngkevin.wpd
[2011/08/07 13:59:41 | 000,851,968 | R--- | C] () -- C:\Users\kat\Desktop\Bostrom reporting.QBW.TLG
[2011/08/07 13:59:38 | 000,000,376 | ---- | C] () -- C:\Users\kat\Desktop\Bostrom reporting.QBW.nd
[2011/08/07 13:59:37 | 010,694,656 | R--- | C] () -- C:\Users\kat\Desktop\Bostrom reporting.QBW
[2011/08/07 13:55:41 | 000,707,072 | ---- | C] () -- C:\Users\kat\Desktop\Bostrom reporting (Portable).QBM
[2011/08/01 14:47:00 | 000,062,548 | ---- | C] () -- C:\Users\kat\Documents\MICHNIAK.wpd
[2011/07/31 13:55:42 | 000,070,074 | ---- | C] () -- C:\Users\kat\Documents\MICHNIAKS.wpd
[2011/07/29 13:20:22 | 000,010,181 | ---- | C] () -- C:\Users\kat\Documents\REYESA.wpd
[2011/07/26 12:57:10 | 000,004,199 | ---- | C] () -- C:\Users\kat\Documents\july2011.kathrynbostrom.rtf
[2011/07/25 21:16:48 | 000,072,913 | ---- | C] () -- C:\Users\kat\Documents\young.wpd
[2011/07/25 21:16:08 | 000,057,651 | ---- | C] () -- C:\Users\kat\Documents\lowery.wpd
[2011/07/25 15:46:36 | 000,057,154 | ---- | C] () -- C:\Users\kat\Documents\STEWART.wpd
[2011/07/22 14:55:35 | 000,057,229 | ---- | C] () -- C:\Users\kat\Documents\UPTONR.wpd
[2011/07/20 13:57:00 | 000,181,273 | ---- | C] () -- C:\Users\kat\Documents\ALLENS.wpd
[2010/11/17 16:55:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/09/16 21:52:46 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 21:52:46 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/12 15:05:06 | 000,007,376 | ---- | C] () -- C:\Users\kat\AppData\Local\d3d9caps.dat
[2009/04/02 22:09:21 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2009/04/02 22:07:37 | 000,098,136 | ---- | C] () -- C:\Windows\gzip.exe
[2009/03/31 22:54:52 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/03/31 22:54:51 | 000,000,034 | ---- | C] () -- C:\Windows\System32\bd2170w.dat
[2009/03/31 22:53:57 | 000,000,146 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2009/03/31 22:53:57 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2009/03/31 22:53:06 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2009/03/31 22:53:05 | 000,009,853 | ---- | C] () -- C:\Windows\HL-2170W.INI
[2009/03/31 22:52:08 | 000,000,511 | ---- | C] () -- C:\Windows\Brownie.ini
[2009/03/23 21:23:40 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/01/27 04:02:13 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/06 00:28:54 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2007/10/24 14:16:12 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/10/23 22:29:33 | 000,026,624 | ---- | C] () -- C:\Users\kat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/21 07:11:06 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007/05/14 14:42:54 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2007/05/14 14:26:47 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007/05/14 14:26:45 | 000,000,094 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/03/16 10:42:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/03/16 09:34:22 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll
[2007/03/16 09:25:09 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/03/16 09:25:09 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/03/16 09:24:17 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/03/16 09:18:48 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/03/16 09:04:02 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2007/03/16 07:24:01 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/03/16 07:24:01 | 000,145,112 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/03/16 07:23:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/02/07 02:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/02/07 02:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/02/07 02:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/02/07 02:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/02/07 02:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/02/07 02:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 18:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 08:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,410,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/12/26 18:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 01:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 18:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011/08/18 14:29:23 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/08/17 19:50:16 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{851913E1-76B5-4916-B2F4-A87DCD5A7737}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\kat\Documents\TGTS7.pdf:Roxio EMC Stream
< End of report >
and here is the extra.txt file
OTL Extras logfile created on: 8/18/2011 3:46:27 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\kat\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.75 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 47.83% Memory free
3.75 Gb Paging File | 2.16 Gb Available in Paging File | 57.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32.52 Gb Total Space | 3.21 Gb Free Space | 9.87% Space Free | Partition Type: NTFS
Drive D: | 32.25 Gb Total Space | 11.06 Gb Free Space | 34.29% Space Free | Partition Type: NTFS
Drive E: | 627.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: KATHRYN | User Name: kat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09952930-6E77-48D1-A807-212171A14C96}" = lport=1706 | protocol=6 | dir=in | name=mionet remote drive access 6 |
"{145C3B4A-0811-4A7B-8349-2458840BCAE3}" = lport=1705 | protocol=6 | dir=in | name=mionet remote drive access 5 |
"{21595FEE-B9AB-41D1-A152-88CA88C5326B}" = lport=5432 | protocol=17 | dir=in | name=mionet storage device discovery |
"{3314211B-73EF-42CB-8056-ABE38CFEE894}" = lport=1700 | protocol=6 | dir=in | name=mionet remote drive access 0 |
"{33E13381-29BC-495A-AB6D-EB8CB4667BF8}" = lport=1702 | protocol=6 | dir=in | name=mionet remote drive access 2 |
"{40F9DE04-390F-404D-9836-C34A31D8E697}" = lport=1707 | protocol=6 | dir=in | name=mionet remote drive access 7 |
"{55C7EDB5-854C-456B-8BEB-8C30C6219E60}" = lport=1703 | protocol=6 | dir=in | name=mionet remote drive access 3 |
"{6D4CB0AC-7EEC-4DE6-A6C8-8ECE775F4033}" = lport=1704 | protocol=6 | dir=in | name=mionet remote drive access 4 |
"{A0B95D84-42C3-4212-8D7A-0BB64B05C87F}" = lport=1641 | protocol=6 | dir=in | name=mionet remote drive verification |
"{AB547E0F-F21B-4234-983A-871B2BDC48F7}" = lport=1701 | protocol=6 | dir=in | name=mionet remote drive access 1 |
"{B694B247-B11B-4980-B1BA-49E20CF28EB7}" = lport=1647 | protocol=6 | dir=in | name=mionet storage device configuration |
"{D7FBD36F-0184-4608-B9C2-6D603C5C2BA2}" = lport=1709 | protocol=6 | dir=in | name=mionet remote drive access 9 |
"{EFCDC14C-FA50-4C4C-9D6F-AB2EEE253868}" = lport=1708 | protocol=6 | dir=in | name=mionet remote drive access 8 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0066FCD5-1018-4B78-9EF7-AC6E08569ADB}" = protocol=17 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{06F35D3F-13FD-45F4-B383-2169BC1403A6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{251B51D5-355C-4549-B047-F5192B3C1B8D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2DD39A62-200E-4694-AAB3-ABB97988C394}" = protocol=6 | dir=in | app=c:\program files\mionet\jvm\bin\mionet.exe |
"{4157219E-2390-443A-ACE5-F282C885ECEE}" = protocol=6 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe |
"{6A93ECA1-AFB4-4E4C-9331-CAC21AF2077E}" = protocol=17 | dir=in | app=c:\program files\mionet\mionetmanager.exe |
"{B8DDD7E4-88F0-4538-9840-889079793C44}" = protocol=6 | dir=in | app=c:\program files\mionet\mionetmanager.exe |
"{FA711A15-DDFA-49D4-BD97-828CC0ECC531}" = protocol=17 | dir=in | app=c:\program files\mionet\jvm\bin\mionet.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07AA014C-25AF-468A-BBC3-E7AF5FB3BE24}" = Brother HL-2170W
"{0BE8E6DE-BCCD-645F-781A-E25D46523C69}" = Catalyst Control Center Localization Chinese Standard
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{12BC816B-8F68-CAB4-867E-FA0FEF15FB36}" = ccc-core-static
"{1947BE8A-015E-054A-4C2B-2D1F70594DD4}" = CCC Help Japanese
"{1B182EF5-011E-A0EC-D22F-8D279763A921}" = ccc-utility
"{1B5D82CA-77FD-44A9-8F98-7691AC40706A}" = DigiWare
"{1D4B8F37-30C6-F67B-A812-60CBCE6471D8}" = Catalyst Control Center Core Implementation
"{1EF76089-FEEC-9FEA-AE75-E67BF9015F8B}" = Catalyst Control Center Localization German
"{234C4E43-A53D-435A-A8EA-13A7CB21816F}" = Catalyst Control Center Localization Arabic
"{24256DFB-ECCE-45D3-3A6C-33FC947AFC6A}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 22
"{2DADCB1C-D758-AB6A-D523-A6F021BD32B4}" = CCC Help Korean
"{305C7D69-18C1-5219-E6AF-09F4AB2B470A}" = CCC Help Chinese Traditional
"{32655698-54AE-0061-A662-2EC34B7E5F24}" = CCC Help German
"{35F63BBB-0D00-FD76-96C6-66D9B4126788}" = Catalyst Control Center Localization Arabic
"{36F0C5CD-C50B-F098-22F1-E1822B83F008}" = CCC Help English
"{38126AC8-D7B0-7DA1-CBB0-30E56AE0F428}" = Catalyst Control Center Localization Arabic
"{3864FA17-51A6-7CBB-EB67-84A6B9BE6867}" = CCC Help Swedish
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3BE5D166-0AC6-E8F6-DB61-BB32BDD418C4}" = Catalyst Control Center Graphics Light
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D7A11F6-72F6-DFB3-05CF-9A6D0336251E}" = Catalyst Control Center Localization Greek
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{507F635D-CCB8-B8E1-9278-8B4AC1D43DC9}" = Catalyst Control Center Localization Italian
"{50CE6FB8-23DF-42B1-98CE-AA17A0905C7A}" = Learning QuickBooks 2009
"{5228179A-6DA6-12F1-1287-322E38FFEBCA}" = CCC Help Turkish
"{53AF3638-DDB4-4755-B3DC-259981689DB7}" = MioNet
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5E0B99FE-DA5E-A31F-EDB8-62605F2292A6}" = Catalyst Control Center Localization Chinese Traditional
"{5E513EF7-69F4-E458-E777-7BBACB7FAE0D}" = CCC Help Dutch
"{61A1E611-2039-E14F-7842-6BF89370DDC1}" = Catalyst Control Center Localization Korean
"{630CC87A-57A3-45DC-A5A4-08CE98E0BCB7}" = Branding
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67820D1D-7387-F081-D90C-EE12D28BCF00}" = CCC Help Portuguese
"{68A0D07E-0F93-AAB4-9F79-184CA54963DE}" = Catalyst Control Center Localization Arabic
"{6B3AD9C7-9B15-881E-B132-B924334DE57C}" = Catalyst Control Center Localization Arabic
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F74557B-9B57-A942-235D-EEC40FA5009A}" = CCC Help French
"{70A23B86-F5C9-FD1C-1F1B-FB37715442DB}" = Catalyst Control Center Localization French
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7641FD7D-E94E-424E-A95C-0593C84DC0C0}" = VZAccess Manager
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{788261EE-204C-BE01-F02D-51B89A1BB929}" = Catalyst Control Center Localization Spanish
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B577E09-C0C6-7C31-7E3B-9EAE6D2F477B}" = CCC Help Thai
"{7FFDACF9-FB80-B850-FD13-9282CBEDB146}" = CCC Help Russian
"{80A6D4BB-63C1-3DFD-DA6E-EE690812284D}" = Catalyst Control Center Graphics Full Existing
"{849E535E-9603-8142-9B2C-4EE38DEE8008}" = CCC Help Danish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86E3BF8E-5F49-F4CD-3B82-B91A73B0BC74}" = Catalyst Control Center Localization Arabic
"{8765A391-F170-107B-7893-8529F226672E}" = CCC Help Czech
"{882181E4-9102-A1C0-27B3-56A83C363583}" = Catalyst Control Center Graphics Previews Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E4FF8EF-94E3-E9F8-B01D-31082ED9EED2}" = CCC Help Italian
"{90C5B334-AC20-C1C4-8C3C-BF74A3087D03}" = CCC Help Finnish
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{94C8432D-9C75-03E9-3AB0-C5B0709D95CF}" = Catalyst Control Center Localization Finnish
"{95BFF219-80F6-AD1D-22F9-A1722A37055D}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB7F92D-B82D-4A51-5551-33F6E967E5F8}" = CCC Help Chinese Standard
"{A51080B6-6564-3246-F105-01CD96B6CA27}" = Catalyst Control Center Localization Hungarian
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B607E77A-5B42-BA12-F51E-433C7370D376}" = Catalyst Control Center Localization Czech
"{B695C12D-427E-7E00-2EF8-00EE77E58DA0}" = CCC Help Greek
"{B8BCC092-DCD1-A3CF-9A24-1A96C7E44F0F}" = Skins
"{BB6928B4-1C6F-695E-2EF3-4AC539B077FA}" = Catalyst Control Center Localization Arabic
"{BBB34DD8-A775-548B-B87E-7C493A364918}" = CCC Help Norwegian
"{BCBC2A14-9AD7-E067-B925-D400B945B0C5}" = ccc-localization-da
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.11
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2270DW
"{E8C95FCB-88B3-B83D-E825-0CEDE5135940}" = Catalyst Control Center Localization Japanese
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F19553C5-F843-4C27-BF9F-9DE4D901B895}" = Verizon Mobile Broadband Drivers
"{F23C105B-582C-8A9F-88F2-B5E9B1124C4B}" = CCC Help Polish
"{F362902D-BC94-4187-8960-3B51F55B2EB0}" = Verizon Wireless USB760 Firmware Updates
"{F463F699-2B14-2B53-C7CC-0B7F220F7450}" = Catalyst Control Center Localization Arabic
"{FDFA99CA-B5F9-13EF-8DCA-58257C3CED79}" = CCC Help Hungarian
"{FF268652-B3E8-494F-8343-1FC6DD0FF523}" = Maxtor OneTouch III
"7-Zip" = 7-Zip 4.57
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Uninstaller" = ATI Uninstaller
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Express" = Express Dictate
"GridVista" = Acer GridVista
"Homestead SiteBuilder" = Homestead SiteBuilder
"InstallShield_{FF268652-B3E8-494F-8343-1FC6DD0FF523}" = Maxtor OneTouch III
"Learning QuickBooks 2009" = Learning QuickBooks 2009
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.5.5
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"Scribe" = Express Scribe
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 3" = TeamViewer 3
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/18/2011 3:23:45 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 8/18/2011 3:23:45 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 8/18/2011 3:23:45 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 8/18/2011 3:23:45 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 8/18/2011 3:24:05 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": Connection
Error:Invalid user ID or passwo
Error - 8/18/2011 3:24:05 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": Connection
String:CON=QBConnectionPool-Probe-QB_data_engine_19; ;DBF=C:\Users\kat\Desktop\Bostrom
reporting.QBW;ENG=QB_data_engine_19;DBN=df5dc6e2e8734b7dabd8a25c94a6a2
Error - 8/18/2011 3:24:05 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": DBConnPool::HandleConnectionError
errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 994 from
function:'DBMgr::DBConnPool::ini
Error - 8/18/2011 3:24:24 PM | Computer Name = kathryn | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": An attempt
to LogOff without a logo
Error - 8/18/2011 3:35:02 PM | Computer Name = kathryn | Source = Application Hang | ID = 1002
Description = The program qbw32.exe version 19.0.4008.703 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c90 Start Time: 01cc5ddc4efe1bf2 Termination Time: 63
Error - 8/18/2011 3:42:08 PM | Computer Name = kathryn | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.26.5 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1868 Start Time: 01cc5dde800ccdd6 Termination Time: 15
[ System Events ]
Error - 8/18/2011 2:39:03 PM | Computer Name = kathryn | Source = Service Control Manager | ID = 7001
Description =
Error - 8/18/2011 2:39:03 PM | Computer Name = kathryn | Source = Service Control Manager | ID = 7001
Description =
Error - 8/18/2011 2:39:14 PM | Computer Name = kathryn | Source = Service Control Manager | ID = 7001
Description =
Error - 8/18/2011 2:39:16 PM | Computer Name = kathryn | Source = DCOM | ID = 10005
Description =
Error - 8/18/2011 2:39:17 PM | Computer Name = kathryn | Source = DCOM | ID = 10005
Description =
Error - 8/18/2011 2:39:18 PM | Computer Name = kathryn | Source = Service Control Manager | ID = 7001
Description =
Error - 8/18/2011 2:39:48 PM | Computer Name = kathryn | Source = Service Control Manager | ID = 7001
Description =
Error - 8/18/2011 2:45:23 PM | Computer Name = kathryn | Source = DCOM | ID = 10005
Description =
Error - 8/18/2011 2:48:10 PM | Computer Name = kathryn | Source = Service Control Manager | ID = 7001
Description =
Error - 8/18/2011 2:56:46 PM | Computer Name = kathryn | Source = Print | ID = 54
Description = Document Intuit failed to print and was deleted because of corruption
in the spooled file. The associated driver is: Brother HL-2170W series. Try printing
the document again.
< End of report >
Edited by sckathryn, 18 August 2011 - 02:10 PM.